Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
American Bitcoin payment processor BitPay stated that the company's Copay wallet was attacked by hackers. Bitpay announced on Monday that it learned of this issue from a report on Copay GitHub. The report showed that third-party JavaScript libraries used by these applications were modified and malicious code was loaded. The malware was inserted into versions 5.0.2 to 5.1.0 of the Copay and BitPay wallet applications and may be used to obtain private keys for stealing Bitcoin and Bitcoin Cash. According to reports, the attack appeared to be carried out by a developer named Right9ctrl, who took over the maintenance of the NodeJS library from the left manager. About three months ago, when Right9ctrl was granted access to the repository, he inserted malware at this time. Attack method (per SlowMist): Malicious Code Injection Attack. Reported loss: -.
- chain
- bitcoin
- protocol
- BitPay Copay
- bug_class
- private-key
- date_occurred
- 2018-11-27
- loss_usd
- —
- source_id
- sm:bitpay-copay::2018-11-27