Jaxx wallet vulnerability led to users losing $400,000 from their wallets
A report by Vx Labs indicates that Jaxx wallet ha a security vulnerability in its desktop platform that allows hackers to obtain a 12-word back phrase, copy t, and use it to obtain private keys that give them access to user funds.
Even having a PIN code configured won’t help with the vulnerability. Users have already reportedly lost $400,000 in Ethereum, Zcash, Bitcoin, and Ethereum Classic, even though the vulnerability only affects those using the desktop platform – smartphone only users are safe.
Jaxx’s CTO responded to the situation saying that the company is comfortable with its security and that those that do not feel secure should not use Jaxx at all. He added that Jaxx is a hot wallet and that users shouldn’t keep large amounts in these.
We are very comfortable with this security model for hot walets. The fact is there will always be tradeoffs between user experience, portability and security and we believe we’ve struck a great balance
Until the vulnerability is fixed, Vx Labs says you should KEEP AWAY from Jaxx, as your funds can easily get stolen by hackers – this vulnerability is public and has been reported by various news outlets.
@yoona just stated today he lost his Ethereum on Jaxx/MyEtherWallet.
Here's the reason why. He should leave Jaxx right away
A lot of folks believe their coins are safe because they moved it out of an exchange. Folks need to understand that wallets having convenience features are most likely hot. Hardware wallets are here for a reason!