A one-man defamation campaign alleging software vulnerabilities has been launched against Coinomi.
Cryptocurrency storage application Coinomi Wallet has refuted recent claims that its software was coded to send unencrypted wallet recovery seed phrases to Google’s spell check servers. The claims were denied in an official statement posted on Medium on Wednesday, February 27.
Coinomi clarified that seed phrases “weren’t being transmitted at all unless the user chose to explicitly restore their Desktop wallets,” and that if they were sent, they were encrypted and “encapsulated inside a HTTPS request with Google being the sole recipient.”
Additionally, “the spell-check requests that were sent over to Google API were not processed, cached or stored and the requests themselves returned an error (code: 400) as they were flagged as ‘Bad Request’ and weren’t processed further by Google.”
Still, Coinomi did acknowledge that this was a problem, one that was likely caused by a poor configuration in plug-in software that operates as part of the Coinomi wallet desktop application.
Allegations, Threats, and Blackmail
The claims were originally publicly made against the company came from one Warith Al Maawali, a man who said that a Coinomi wallet had been hacked because of the vulnerability. Maawali created a support request on Coinomi’s board describing the claims in detail; he also seems to have created Avoid-Coinomi.com, a website that also contains descriptions of the vulnerability as he sees it.
Coinomi is said to have immediately flagged the post as ‘high priority’ and to have launched an investigation into the matter. Despite this, however, Coinomi COO Angelos Leoussis explained on the company’s Telegram channel that Maawali persisted in “threatening, swearing, and blackmailing us for insane amounts.”
Unfortunately for Coinomi, Maawali’s claims spread like wildfire over the web. At the time of writing, a number of crypto-centric news publications, including DecryptMedia, Ethereum World News, and Bitcoin Exchange Guide have reported on Maawali’s claims without including Coinomi’s defense.
SECURITY VULNERABILITY@CoinomiWallet sends your plain text seed phrase to Googles remote spellchecker API when you enter it! This is not a joke!
CoinTelegraph reported that before Maawali went public with his allegations, he requested that the company refund him the cryptocurrency that had allegedly been stolen from him, threatening that if they failed to do so, he would have “no choice other than reporting this in social media.” However, Maawali would not provide Coinomi with the details of his claims.
Coinomi proceeded by asking Maawali for more information on the alleged vulnerability. Maawali is said to have responded by saying that he wouldn’t give any details until he was guaranteed payment.
Let the message be clear, we do not negotiate with blackmailers.
Even so, Coinomi reportedly reported the allegedly stolen assets to Chainalysis, so that the funds will be blacklisted, and therefore will not be accepted by any exchange.
Regardless of whether or not Coinomi's alleged vulnerability actually led to the theft of Maawali's assets, the debacle has served as a reminder that software wallets can be risky.
Indeed, Ledger CEO Eric Larchevêque told Finance Magnates in an email that “the Coinomi meltdown is further evidence of why software wallets are a recipe for disaster. When entrusting a software wallet with your assets, you are exposing your private keys to the internet, leaving them vulnerable to attack. Simply put, Cold Storage on a hardware wallet is the only way for investors to ensure complete security of their private keys.”
Finance Magnates reached out to Coinomi but had not received a response at the time of publication.
Cryptocurrency storage application Coinomi Wallet has refuted recent claims that its software was coded to send unencrypted wallet recovery seed phrases to Google’s spell check servers. The claims were denied in an official statement posted on Medium on Wednesday, February 27.
Coinomi clarified that seed phrases “weren’t being transmitted at all unless the user chose to explicitly restore their Desktop wallets,” and that if they were sent, they were encrypted and “encapsulated inside a HTTPS request with Google being the sole recipient.”
Additionally, “the spell-check requests that were sent over to Google API were not processed, cached or stored and the requests themselves returned an error (code: 400) as they were flagged as ‘Bad Request’ and weren’t processed further by Google.”
Still, Coinomi did acknowledge that this was a problem, one that was likely caused by a poor configuration in plug-in software that operates as part of the Coinomi wallet desktop application.
Allegations, Threats, and Blackmail
The claims were originally publicly made against the company came from one Warith Al Maawali, a man who said that a Coinomi wallet had been hacked because of the vulnerability. Maawali created a support request on Coinomi’s board describing the claims in detail; he also seems to have created Avoid-Coinomi.com, a website that also contains descriptions of the vulnerability as he sees it.
Coinomi is said to have immediately flagged the post as ‘high priority’ and to have launched an investigation into the matter. Despite this, however, Coinomi COO Angelos Leoussis explained on the company’s Telegram channel that Maawali persisted in “threatening, swearing, and blackmailing us for insane amounts.”
Unfortunately for Coinomi, Maawali’s claims spread like wildfire over the web. At the time of writing, a number of crypto-centric news publications, including DecryptMedia, Ethereum World News, and Bitcoin Exchange Guide have reported on Maawali’s claims without including Coinomi’s defense.
SECURITY VULNERABILITY@CoinomiWallet sends your plain text seed phrase to Googles remote spellchecker API when you enter it! This is not a joke!
CoinTelegraph reported that before Maawali went public with his allegations, he requested that the company refund him the cryptocurrency that had allegedly been stolen from him, threatening that if they failed to do so, he would have “no choice other than reporting this in social media.” However, Maawali would not provide Coinomi with the details of his claims.
Coinomi proceeded by asking Maawali for more information on the alleged vulnerability. Maawali is said to have responded by saying that he wouldn’t give any details until he was guaranteed payment.
Let the message be clear, we do not negotiate with blackmailers.
Even so, Coinomi reportedly reported the allegedly stolen assets to Chainalysis, so that the funds will be blacklisted, and therefore will not be accepted by any exchange.
Regardless of whether or not Coinomi's alleged vulnerability actually led to the theft of Maawali's assets, the debacle has served as a reminder that software wallets can be risky.
Indeed, Ledger CEO Eric Larchevêque told Finance Magnates in an email that “the Coinomi meltdown is further evidence of why software wallets are a recipe for disaster. When entrusting a software wallet with your assets, you are exposing your private keys to the internet, leaving them vulnerable to attack. Simply put, Cold Storage on a hardware wallet is the only way for investors to ensure complete security of their private keys.”
Finance Magnates reached out to Coinomi but had not received a response at the time of publication.
Rachel is a self-taught crypto geek and a passionate writer. She believes in the power that the written word has to educate, connect and empower individuals to make positive and powerful financial choices. She is the Podcast Host and a Cryptocurrency Editor at Finance Magnates.
Broadridge to Bolster Prometheum's Digital Asset Securities Infrastructure
Network, Learn, Grow | FMAS:24
Network, Learn, Grow | FMAS:24
Get ready to mark your calendars for FMAS:24, returning this May! Take a quick glimpse of what awaits at the Sandton Convention Centre in Sandton, South Africa from May 20-22, 2024.
Don't miss out on this 5-second invite packed with energy and urgency!
Secure your free ticket now 🔗 https://events.financemagnates.com/yQx0l?utm_source=youtube&utm_campaign=fmas-is-back&utm_medium=video&RefId=FMAS24+Video+Ad+%5B1%5D
#fmas24 #fmas #fmevents #financeinafrica #traders #investors #affiliates #forexTraders #investmentOpportunities #B2BNetworking #finTech #Innovations #TradingCommunity #BusinessOpportunities #AfricanBusiness #Johannesburg #southafrica
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage. Subscribe to our YouTube channel for more!
Get ready to mark your calendars for FMAS:24, returning this May! Take a quick glimpse of what awaits at the Sandton Convention Centre in Sandton, South Africa from May 20-22, 2024.
Don't miss out on this 5-second invite packed with energy and urgency!
Secure your free ticket now 🔗 https://events.financemagnates.com/yQx0l?utm_source=youtube&utm_campaign=fmas-is-back&utm_medium=video&RefId=FMAS24+Video+Ad+%5B1%5D
#fmas24 #fmas #fmevents #financeinafrica #traders #investors #affiliates #forexTraders #investmentOpportunities #B2BNetworking #finTech #Innovations #TradingCommunity #BusinessOpportunities #AfricanBusiness #Johannesburg #southafrica
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage. Subscribe to our YouTube channel for more!
Here's a sneak peek into the FMAS:24 vibrant atmosphere! Join us at Africa’s premium financial event for a transformative experience that combines the best of finance and technology.
From May 20-22, 2024, the Sandton Convention Centre in Sandton, South Africa, will be the hub for over 3,500 attendees to engage in unparalleled networking opportunities, learn from over 150 industry-leading speakers, and explore innovations from 120+ exhibitors.
Secure your free ticket now 🔗 https://events.financemagnates.com/yQx0l?utm_source=youtube&utm_campaign=fmas-is-back&utm_medium=video&RefId=FMAS24+Video+Ad+%5B1%5D
#fmas24 #fmas #fmevents #financeinafrica #traders #investors #affiliates #forexTraders #investmentOpportunities #B2BNetworking #finTech #Innovations #TradingCommunity #BusinessOpportunities #AfricanBusiness #Johannesburg #southafrica
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage. Subscribe to our YouTube channel for more!
Here's a sneak peek into the FMAS:24 vibrant atmosphere! Join us at Africa’s premium financial event for a transformative experience that combines the best of finance and technology.
From May 20-22, 2024, the Sandton Convention Centre in Sandton, South Africa, will be the hub for over 3,500 attendees to engage in unparalleled networking opportunities, learn from over 150 industry-leading speakers, and explore innovations from 120+ exhibitors.
Secure your free ticket now 🔗 https://events.financemagnates.com/yQx0l?utm_source=youtube&utm_campaign=fmas-is-back&utm_medium=video&RefId=FMAS24+Video+Ad+%5B1%5D
#fmas24 #fmas #fmevents #financeinafrica #traders #investors #affiliates #forexTraders #investmentOpportunities #B2BNetworking #finTech #Innovations #TradingCommunity #BusinessOpportunities #AfricanBusiness #Johannesburg #southafrica
📣 Stay updated with the latest in finance and trading!
Follow FMevents across our social media platforms for news, insights, and event updates. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/showcase/financemagnates-events/
👍 Facebook: https://www.facebook.com/FinanceMagnatesEvents
📸 Instagram: https://www.instagram.com/fmevents_official
🐦 Twitter: https://twitter.com/F_M_events
🎥 TikTok: https://www.tiktok.com/@fmevents_official
▶️ YouTube: https://www.youtube.com/@FinanceMagnates_official
Don't miss out on our latest videos, interviews, and event coverage. Subscribe to our YouTube channel for more!
Join 3500+ Attendees at FMAS:24 | Africa's Premium Financial Event
Join 3500+ Attendees at FMAS:24 | Africa's Premium Financial Event
Looking to expand your network in #Africa? Join 3500+ attendees at FMAS:24, where online trading, fintech, payments, and crypto meet! Connect with industry leaders and innovators for an unmatched networking experience.
20-22 MAY 2024
Sandton Convention Center, Sandton, South Africa
Register now to secure your spot: https://bit.ly/3JbUpCK
#fmas #fmas24 #fmevents #networking #finance #africa
📣 Stay updated with the latest in finance and trading!
Follow Finance Magnates for news, insights, and event updates across our social media platforms. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/company/financemagnates/
👍 Facebook: https://www.facebook.com/financemagnates/
📸 Instagram: https://www.instagram.com/financemagnates_official
🐦 X (Twitter): https://twitter.com/financemagnates/
📡 RSS Feed: https://www.financemagnates.com/feed/
▶️ Telegram: https://t.me/financemagnatesnews
Don't miss out on our latest videos, interviews, and event coverage.
🔔 Subscribe to our YouTube channel for more!🔔
Looking to expand your network in #Africa? Join 3500+ attendees at FMAS:24, where online trading, fintech, payments, and crypto meet! Connect with industry leaders and innovators for an unmatched networking experience.
20-22 MAY 2024
Sandton Convention Center, Sandton, South Africa
Register now to secure your spot: https://bit.ly/3JbUpCK
#fmas #fmas24 #fmevents #networking #finance #africa
📣 Stay updated with the latest in finance and trading!
Follow Finance Magnates for news, insights, and event updates across our social media platforms. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/company/financemagnates/
👍 Facebook: https://www.facebook.com/financemagnates/
📸 Instagram: https://www.instagram.com/financemagnates_official
🐦 X (Twitter): https://twitter.com/financemagnates/
📡 RSS Feed: https://www.financemagnates.com/feed/
▶️ Telegram: https://t.me/financemagnatesnews
Don't miss out on our latest videos, interviews, and event coverage.
🔔 Subscribe to our YouTube channel for more!🔔
Join 3500+ Attendees at FMAS:24 - Africa's Premium Financial Event
Join 3500+ Attendees at FMAS:24 - Africa's Premium Financial Event
Looking to expand your network in #Africa?
Join 3500+ attendees at FMAS:24, where online trading, fintech, payments, and crypto meet! Connect with industry leaders and innovators for an unmatched networking experience.
20-22 MAY 2024
Sandton Convention Center, Sandton, South Africa
Register now to secure your spot: https://bit.ly/3JbUpCK
#fmas #fmas24 #fmevents #networking #finance #africa
Looking to expand your network in #Africa?
Join 3500+ attendees at FMAS:24, where online trading, fintech, payments, and crypto meet! Connect with industry leaders and innovators for an unmatched networking experience.
20-22 MAY 2024
Sandton Convention Center, Sandton, South Africa
Register now to secure your spot: https://bit.ly/3JbUpCK
#fmas #fmas24 #fmevents #networking #finance #africa
Where the Prop Trading Industry Goes from Here | Finance Magnates Podcast
Where the Prop Trading Industry Goes from Here | Finance Magnates Podcast
Explore the tumultuous world of prop trading in this Finance Magnates podcast episode, featuring insights from Head of Axi Select, Greg Rubin.
We're discussing the challenges and shifts caused by MetaQuotes' pivotal decisions affecting MT4 and MT5 users, and how Axi Select offers a unique, realistic path to professional trading, steering clear of traditional prop firm pitfalls.
Tune in for expert analysis on the future of trading and innovative funding models.
The Axi Select programme is only available to clients of AxiTrader Limited. CFDs carry a high risk of investment loss. In our dealings with you, we will act as a principal counterparty to all of your positions. This content is not available for AU, NZ, EU and UK residents. For more information, refer to our Terms of Service. Standard trading fees apply.
This content is provided solely for general informational purposes and should not be construed as financial product advice or an investment recommendation. It has been prepared without considering your personal circumstances.
📣 Stay updated with the latest in finance and trading!
Follow Finance Magnates for news, insights, and event updates across our social media platforms. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/company/financemagnates/
👍 Facebook: https://www.facebook.com/financemagnates/
📸 Instagram: https://www.instagram.com/financemagnates_official
🐦 X (Twitter): https://twitter.com/financemagnates/
📡 RSS Feed: https://www.financemagnates.com/feed/
▶️ Telegram: https://t.me/financemagnatesnews
Don't miss out on our latest videos, interviews, and event coverage.
🔔 Subscribe to our YouTube channel for more!🔔
Explore the tumultuous world of prop trading in this Finance Magnates podcast episode, featuring insights from Head of Axi Select, Greg Rubin.
We're discussing the challenges and shifts caused by MetaQuotes' pivotal decisions affecting MT4 and MT5 users, and how Axi Select offers a unique, realistic path to professional trading, steering clear of traditional prop firm pitfalls.
Tune in for expert analysis on the future of trading and innovative funding models.
The Axi Select programme is only available to clients of AxiTrader Limited. CFDs carry a high risk of investment loss. In our dealings with you, we will act as a principal counterparty to all of your positions. This content is not available for AU, NZ, EU and UK residents. For more information, refer to our Terms of Service. Standard trading fees apply.
This content is provided solely for general informational purposes and should not be construed as financial product advice or an investment recommendation. It has been prepared without considering your personal circumstances.
📣 Stay updated with the latest in finance and trading!
Follow Finance Magnates for news, insights, and event updates across our social media platforms. Connect with us today:
🔗 LinkedIn: https://www.linkedin.com/company/financemagnates/
👍 Facebook: https://www.facebook.com/financemagnates/
📸 Instagram: https://www.instagram.com/financemagnates_official
🐦 X (Twitter): https://twitter.com/financemagnates/
📡 RSS Feed: https://www.financemagnates.com/feed/
▶️ Telegram: https://t.me/financemagnatesnews
Don't miss out on our latest videos, interviews, and event coverage.
🔔 Subscribe to our YouTube channel for more!🔔