Layer 1 blockchain Near Protocol has informed users of a bug it discovered in June that exposed sensitive information to third parties.
The network announced this in a suspension released on August 4th saying they were able to fix the issue the same day.
According to the post, “a code change, however, resulted in the collection of sensitive data for some users who had used email or SMS recovery with their wallets.”
Fortunately, blockchain security company Hacxyk noticed the bug and reported it to the team, who quickly fixed it. In addition, Hacxyk received a bounty reward for the alert.
The network claimed that its wallet team immediately handled the situation by cleaning up “all sensitive data” and identifying those who could have accessed it.
“To date, we have found no indicators of compromise related to the random collection of this data, nor do we have reason to believe that this data persists anywhere,” he added.
The announcement comes amid a series of exploits and hacks that have rocked the crypto space in August.
Nomad Bridge lost over $190 million in a ‘decentralized heist’.
Celsius has announced that a malicious third party may have compromised user data through a leak from an employee of its messaging partner, Customer.io.
Additionally, thousands of Solana wallets were drained in an attack that lasted for hours and resulted in a loss of over $5 million.
With the almost breakneck speed of exploits, Near Protocol also shares its experience and alerts users so that they can be extra careful and take all necessary measures to avoid exploits.
So it asked users who used their SMS or email for account recovery to rotate their keys to be on the safer side. They can do this at wallet.near.org.
Meanwhile, the network said it will no longer allow users to use their SMS or email for recovery when creating an account.
He also advised users to opt for cold wallets like Ledger, which offer more security. Additionally, users should never give out their private keys or recovery keys.
What do you think about this topic? Write us and tell us!
Denial of responsibility
All information contained on our website is published in good faith and for general information purposes only. Any action the reader takes on the information found on our website is strictly at their own risk.