Copay and Bitpay Wallet Apps Were Infected With Malicious Code

A developer has injected a piece of malicious code into the software used by the popular Copay and Bitpay wallets. The safety of the Bitcoin.com wallet was not compromised and the Bitpay app was not vulnerable to the attack, but Copay users need to take precautionary actions.

Also Read: Chinese Startup Gets Crypto Custodial Services License in Hong Kong

Someone Might Have Been Able to Steal Private Keys

Copay and Bitpay Wallet Apps Were Infected With Malicious Code The Bitpay team has announced that a third-party NodeJS (the open-source Java Script environment) package used by the Copay and BitPay apps had been modified to load malicious code. This could have been used to capture and steal users’ private wallet keys. The company learned about the vulnerability from a GitHub issue report about an “event-stream” dependency attack.

Bitpay has only confirmed so far that the malicious code was deployed on its Copay and Bitpay apps from version 5.0.2 to 5.1.0. However, the company has tried to reassure users by saying that the Bitpay app was not vulnerable to the malicious code. A security update (version 5.2.0) has been developed and will be made available for users in the app stores. And the team is still investigating to figure out if the malicious code was ever actually used against people.

What Copay Wallet Users Need to Do Now to Keep Safe

Copay and Bitpay Wallet Apps Were Infected With Malicious Code The Bitpay team warns that anyone using a Copay app from version 5.0.2 to 5.1.0 should not open it again. Users should first update their affected wallets and then send all funds from affected wallets to new version 5.2.0 wallets. Users should not attempt to move funds to new wallets by importing affected backup phrases, as they should assume that the corresponding private keys may have been compromised.

If you use the Bitcoin.com wallet you have not been affected by this issue at all, so you don’t need to do anything. “Our wallet doesn’t use the compromised ‘package,’ so we’re completely out of trouble for this one,” explains the Bitcoin.com wallet development team. “We’re operating as normal, we have never used that package and will never use it.”

Do you use an affected Copay wallet? Share your thoughts in the comments section below.

Images courtesy of Shutterstock.

Verify and track bitcoin cash transactions on our BCH Block Explorer, the best of its kind anywhere in the world. Also, keep up with your holdings, BCH and other coins, on our market charts at Satoshi’s Pulse, another original and free service from Bitcoin.com.

Show comments

In Case You Missed It

700,000 Expedia Hotels Can Now Be Paid With Cryptocurrencies via Travala

More than 700,000 Expedia Group hotels and accommodations are now available via crypto-friendly travel booking platform Travala. Bookings can be paid with more than 30 cryptocurrencies, including bitcoin. Despite covid-19, Travala saw a 170% increase in booking revenue from its ... read more.

The Tokenized Metaverse: Non-Fungible Token Sales to Surpass $100 Million

On July 1, 2020, the partner of Polynexus Capital, Andrew Steinwold, detailed that the sales of blockchain-powered non-fungible tokens (NFTs) are about to cross the $100 million mark. The popularity of NFTs has grown massive since 2017, as blockchain cards, ... read more.

Bitcoin Volatility Hits Three-Year Low, Sparking Fears of Massive Sell-Off

The cryptocurrency data analytics and research company, Skew has warned that bitcoin could see a massive sell-off due to declining volatility. The data analytics firm says that bitcoin (BTC) realized volatility hit 20% over the past 10 days - it's ... read more.

European Blockchain Ecosystem Needs €350 Million for the Next 18 Months

A study report by Leadblock Partners, an appointed representative of Sapia Partners LLP, finds an accelerating growth of the European blockchain ecosystem.The findings of the Leadblock Partners study suggest European respondents have a funding need for €350 million for the ... read more.

Crypto Derivatives Volumes Crash 36% to $393 Billion in June, a Low for 2020

Crypto derivatives trading volumes plunged 36% to $393 billion in June, the lowest they have reached in 2020, according to a new report by Cryptocompare. The decline may be the result of a lull in investor interest in the instruments ... read more.

South African Investors to Lose $13 Million as Bitcoin Scammer Declared Bankrupt

A South African high court has declared an alleged bitcoin scam mastermind, Willie Breedt, bankrupt. The court decision follows an application by one disgruntled investor, Simon Dix, a News24 report states. Willie Breedt is the CEO of the defunct Vaultage ... read more.

Encryption Crackdown: Private Phone Network With 60,000 Users Dismantled by Law Enforcement

An international law enforcement team has brought down an encrypted phone network with 60,000 users worldwide. The platform was one of the largest providers of encrypted communications, widely used by organized crime groups. UK's National Crime Agency (NCA), Europol, Eurojust, ... read more.

Bitcoin.com Wallet Launches New Portfolio Breakdown and Stablecoin Swap Features

With over 11 Million Bitcoin.com Wallets created, we’re building new features our users need most in order to enjoy the best possible cryptocurrency experience. Our wallet’s latest features now provide seamless swaps between bitcoin (BTC), bitcoin cash (BCH), and the ... read more.

Tiktok Ban: US May Join India in Banning Chinese Social Media Apps

The Trump administration is looking at banning Tiktok and other Chinese social media apps, according to Secretary of State Mike Pompeo. India has already banned Tiktok in its country, along with 58 other mobile apps. Recently, a Tiktok video about ... read more.

Escalating Bank Runs Spur Chinese Government to Require Approval for Large Cash Transactions

A series of bank runs has prompted the Chinese government to begin requiring approval for large cash deposits and withdrawals at commercial banks, starting with banks in a northern province. Recently, two bank runs happened within a week as people ... read more.

The most popular stablecoin tether (USDT) has officially been minted on the Bitcoin Cash blockchain via the Simple Ledger Protocol (SLP). At press time there’s only 1,010 SLP-based USDT in circulation, as the firm Tether Limited seems to be issuing ... read more.

Bitcoin Price Poised for 'Imminent' Breakout As Network Hashrate Hits Record Highs

The price of bitcoin could see an 'imminent' breakout, according to the latest Glassnode data. The data firm says bitcoin (BTC) has been flashing bullish for the past six weeks amid positive onchain activity. Meanwhile, the BTC network hashrate has ... read more.

Renters Threaten US Real Estate Market, 20 Million Americans Face Eviction

The aftermath of the coronavirus-provoked business shutdowns in the United States caused a number of market observers to focus on the U.S. real estate and rental markets. As the federal moratorium on evictions reaches its expiry, a recent Aspen Institute ... read more.

Crypto Facilities Gets FCA Nod to Set up Crypto Futures Venue

Crypto Facilities, a subsidiary of Kraken cryptocurrency exchange, has obtained a Multilateral Trading Facility (MTF) license from the UK’s Financial Conduct Authority (FCA).An MTF is a European regulatory term for a self-regulated financial trading venue. MTFs are an alternative to ... read more.

Major Indian Company TCS Launches Cryptocurrency Trading Solution for Banks' Customers

Leading Indian IT company, Tata Consultancy Services (TCS), is launching a cryptocurrency trading solution for banks to allow their customers to invest in cryptocurrencies. TCS is part of the Tata group, India's largest multinational business group, and is listed on ... read more.

Market Update: Crypto Assets Slowly Gather Gains, Bitcoin Needs Capital Inflow, ADA Jumps 85%

Cryptocurrency market prices have improved a great deal since our last market update, as the overall market capitalization of all 5,700+ coins has gained $16 billion since June 14. Most of the top digital assets have remained in a consolidated ... read more.

About 90% of Bitcoin Investors Worried About Fate of Their Assets After Death: Study

Nearly 90% of cryptocurrency investors worry about what will happen to their assets after they die, but few plan appropriately. Younger investors are particularly culpable, barely thinking beyond their own lives. According to a new study by the Cremation Institute, ... read more.

Permissionless Software Foundation Aims to Foster Open-Source Software With Bitcoin Cash

Just recently, Bitcoin Cash proponents were introduced to a new foundation called the “Permissionless Software Foundation” aimed at spreading Bitcoin Cash and SLP token technology. This week an organization called the “Permissionless Software Foundation” (PSF) revealed an announcement to the ... read more.

John McAfee Launches Ghost Phone Service to Supplement His Cryptocurrency

Two-time U.S. presidential candidate John McAfee has launched a privacy-centric cell phone data service. McAfee said that his Ghost cell phone data service offers 4G data without using a physical SIM card, is compatible with most major phones, and works ... read more.

'Bitcoin Is Not a Privacy Coin' Says Crypto Evangelist Andreas Antonopoulos

Andreas Antonopoulos discussed how he desired to see Bitcoin have more “privacy features” in a recent live stream Q&A session published on Youtube on July 7. Antonopoulos discussed the privacy-centric coin monero and concepts like stealth addresses and ring signatures. ... read more.

Jeffrey Epstein Confidant Ghislaine Maxwell's Rumored Last Reddit Post Was About Bitcoin

The cryptocurrency community has been discussing the infamous Ghislaine Maxwell, the associate of the financier and convicted sex offender Jeffrey Epstein. Maxwell was recently arrested and many speculators think she may see the same fate as Epstein before she talks. ... read more.

Famous Malaysian Actor Fined for Stealing $50,000 Worth of Crypto From His Producer

A Malaysian court has fined famous local actor Mas Khan $4,000, or 26 months in jail, for stealing around $50,000 worth of cryptocurrency belonging to his producer, local media reported. Khan appears to have gained access to his boss' Datuk ... read more.

South African Crypto Investment Company Issued Cease And Desist Order In Texas

The Texas State Securities Board (TSSB) issued a cease and desist order Wednesday against on Mirror Trading International (MTI), Forexandbitcoin.com and four individuals involved in a multi-level marketing scam.Out of the four individuals, Cornelius Johannes Steynberg is a resident of ... read more.

China's Giant Ride-Hailing Service Didi to Pilot the Central Bank's Digital Yuan

The Chinese government and the country’s central bank, the People’s Bank of China (PBoC), are currently in the midst of testing a digital yuan or central bank digital currency (CBDC). Now the Chinese ride-hailing corporation Didi Chuxing will be trialing ... read more.

Centre Obliges Government Request, Freezes Address With $100,000 USDC

Centre Consortium has blacklisted an ethereum address holding $100,000 in USDC, a move that the entity says was "in response to a request from law enforcement." A joint venture between Circle and Coinbase, Centre is the issuer of the dollar-pegged ... read more.

Avalanche Launch Fumbles: 'A Highly-Sophisticated DDoS Attack Derailed Token Sale'

On July 8, 2020, some members of the cryptocurrency community were prepared to leverage the AVA Labs Avalanche (AVAX) token sale, in order to acquire some of the highly anticipated coin on Wednesday. However, due to “record-breaking demand” and a ... read more.

US Dollar Slump Incoming: Bank of America Sees 'Death Cross' as Confidence in Gold Rises

The US dollar is increasingly being viewed in a negative light by investors. Bank of America analysts are seeing a "death cross," a bearish technical formation suggesting that a period of dollar weakness is coming. Meanwhile, confidence in gold has ... read more.

Venezuela Seizes 315 Bitcoin Mining Rigs: Miners Discuss Illegal Confiscation, Police Extortion

The Venezuelan military has seized 315 Bitmain Antminer S9 bitcoin mining rigs it claims are not properly registered to operate in the country. Although cryptocurrency mining is legal in Venezuela, miners say they have been unfairly treated, citing illegal seizures ... read more.

Shariah Council Permits Cryptocurrency Investing and Trading

The Shariah Advisory Council of Malaysia's securities commission has advised that it is permissible to invest and trade cryptocurrencies on registered crypto exchanges. About 60% of the country's population are Muslims, many of whom have been reluctant to trade crypto ... read more.

Romanian Programmer Admits Conspiring to Create $722M Bitclub Ponzi Scheme

A Romanian man admitted Thursday to conspiring to engage in wire fraud and selling unregistered securities linked to Bitclub Network, a cryptocurrency mining Ponzi scheme worth at least $722 million. Silviu Catalin Balaci, 35, a Romanian citizen appeared before U.S. ... read more.

Bitcoin Bull Mike Novogratz Says to Hold More Gold Than Bitcoin

The billionaire investor Michael Novogratz recently detailed in an interview that he thinks global investors should hold more gold in their portfolios and own less bitcoin. Novogratz’s statements follow his recent advice last month when he said investors should “watch ... read more.

Bitfinex Must Face New York's Accusations Over the Loss of $850M in Co-Mingled Funds

The popular digital currency trading platform, Bitfinex must deal with the New York Office of the Attorney General (NYAG) over the alleged hiding of over $800 million in client and corporate funds. The NY state Supreme Court’s Appellate Division overruled ... read more.

Zimbabwe’s Battle To Control Currency Inadvertently Boosts Bitcoin Profile

Zimbabwe’s deteriorating economic situation is forcing authorities to sign off on some desperate and controversial decisions. Some of such decisions include the abrupt suspension mobile money as well as the recent designation of Zimswitch as a national payment switch. Reserve ... read more.

$424 Million and Numismatic Value: There's Only 20,000 Casascius Physical Bitcoins Left Unspent

For many years now physical bitcoins have been a very popular trend, but one specific type called the Casascius physical bitcoin collection has intrigued people for years. Last December, someone redeemed a 100 BTC Casascius bar and since then 560 ... read more.

Chinese Authorities Confiscate $15 Million in Cryptocurrencies, Arrest 10 Scammers

Chinese authorities have seized cryptocurrencies worth about $15 million while bringing down a scam involving fake Huobi tokens. In addition, ten people were arrested while luxury cars and real estate were confiscated. The police in the Chinese city of Wenzhou, ... read more.

Bitcoin Prize For Winners Of South Africa Mountain Bike Race

About 150 mountain bikers will compete at this year's edition of the Munga MTB race in South Africa. The race will commence in the first week of December. The top three finishers in each category will share the 1.5 bitcoin ... read more.

Bitcoin Script and Onchain Contracts: Two High-Level Programming Languages for Bitcoin Cash

Last May, the software developer and creator of revoke.cash, Rosco Kalis, released Cashscript version 0.4 that included a number of optimizations. Cashscript’s new website highlights the high-level language that “offers a strong abstraction layer over Bitcoin Cash' native virtual machine, ... read more.

'Fiat and Money Printing' Street Mural Earns $500 in Bitcoin Donations in Five Days

A Parisian street artist is receiving hundreds of dollars every day in bitcoin donations from his painting that speaks about "fiat and money printing." Pascal Boyart’s latest mural, “Confessions of a Red Jester”, is a modern interpretation of the 1862 ... read more.

News

Copay and Bitpay Wallet Apps Were Infected With Malicious Code

Someone Might Have Been Able to Steal Private Keys

What Copay Wallet Users Need to Do Now to Keep Safe

Coinbase Wallet Adds Support for Short and 'Human-Friendly' Cryptocurrency Addresses

How to Recover Your Funds If You Lose Your Bitcoin Wallet

ModiHost’s Token Is Live on HitBTC, the Leading European Bitcoin Exchange

Buy Stablecoins With Your Credit Card in Lumi Wallet

Sparrow Raises USD 3.5 Mil in Series A Funding

Someone Might Have Been Able to Steal Private Keys

What Copay Wallet Users Need to Do Now to Keep Safe

Coinbase Wallet Adds Support for Short and 'Human-Friendly' Cryptocurrency Addresses

How to Recover Your Funds If You Lose Your Bitcoin Wallet

Tags in this story

ModiHost’s Token Is Live on HitBTC, the Leading European Bitcoin Exchange

Buy Stablecoins With Your Credit Card in Lumi Wallet

Sparrow Raises USD 3.5 Mil in Series A Funding