ScaleBit, a subsidiary of security auditor BitsLab, reports a vulnerability in Uniswap wallets that could threaten all stored assets.
Uniswap Wallet Vulnerability
On January 13, ScaleBit announced that the identified flaw allows attackers with physical access to a device to bypass wallet authentication mechanisms and directly retrieve the mnemonic phrase. A mnemonic phrase, or 'seed phrase', is a set of 12-24 random words that provide full control over wallet assets. According to ScaleBit, anyone with access to an unlocked device can obtain the phrase in less than three minutes. Users are advised not to lend devices until the issue is resolved.
Crypto Exploit Losses in 2024
In 2024, losses due to cryptocurrency cyberattacks increased by 40% to $2.3 billion according to Cyvers. The rise is attributed to increased access control breaches, especially in centralized exchanges and crypto custodians. Mnemonic phrases are often targeted in such attacks.
Reduction in Losses by End of 2024
Despite the rise, the last months of 2024 saw a decrease in losses from attacks. In December, CertiK reported $28.6 million in losses, a significant drop from previous months. PeckShield also recorded a decrease in hacking losses in December.
The discovered vulnerability in Uniswap wallets serves as a reminder for users to safeguard their devices and data. The growing losses from cyberattacks highlight the need for increased security measures in the cryptocurrency industry.
