KronosSlott
  • Altcoin
  • Bitcoin
  • Blockchain
  • Ethereum
  • Litecoin
  • Gambling

Subscribe to Updates

Get the latest Crypto news from kronosslott.

What's Hot

Price Prediction: By February 9, 2023, Zilliqa (ZIL) Value Will Increase to $0.045938

February 4, 2023

Sberbank Aims To Have Own DeFi Platform Up And Running By May

February 4, 2023

Casper Price Soars To $0.04 As Bulls Stay In Check – $0.055 CSPR Incoming?

February 4, 2023
Facebook Twitter Instagram
  • Affiliate Disclosure
  • Anti Spam Policy
  • Cookie Policy
  • Privacy Policy
  • Terms & Conditions
Facebook Twitter Instagram
KronosSlott
  • Altcoin
  • Bitcoin
  • Blockchain
  • Ethereum
  • Litecoin
  • Gambling
KronosSlott
Home » Security Alert – Smart Contract Wallets created in frontier are vulnerable to phishing attacks

Security Alert – Smart Contract Wallets created in frontier are vulnerable to phishing attacks

adminBy adminOctober 11, 2022No Comments3 Mins Read
Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
The Devcon VI Manual | Ethereum Foundation Blog
Share
Facebook Twitter LinkedIn Pinterest Email


Affected configurations: All smart contract wallets created using Ethereum Wallet  Frontier, version 0.4.0 (Beta 7) or earlier. Wallets created with Ethereum Wallet 0.5.0 and all later versions released after March 3, 2016, are not affected.

Likelihood: Low

Severity: High

Summary:

Do not use wallet contracts or owner accounts of those wallets that were created by the Ethereum Wallet 0.4.0 or earlier. If you send to (or interact with) a malicious contract it could take ownership of your wallet contract. Create a new wallet and move your funds.

How to be super safe??

Don’t use the vulnerable wallet contracts, AND the owner accounts of these wallets to send ether and interact with contracts you don’t know!
If you don’t use these accounts and wallets, and upgrade your wallet as 
described here, you are safe!

Details:

An attack vector was discovered that affects the smart contract wallets created before the Homestead release (Frontier phase). The attack can happen if an affected wallet interacts with a malicious contract OR if the owner account of an affected wallet interacts with a malicious contract that knows the address of his wallet. An attacker can then impersonate the owner and thus can steal funds or tokens and change the owner of the wallet.

If you do not use your wallet and owner accounts with contracts you don’t know, you are safe!

Receiving Ether and sending Ether to non-contract accounts is fine.

Also if you configured your wallet with multisig, you are safer, as the attacker would need to make you send with all owners to malicious contract(s).

 

Proposed solution:

We recommend that if you created a wallet using the affected versions, you take one of these steps:

  • Create a new wallet with the latest version of Ethereum Wallet (any version from 0.5.0 or newer) and move your funds there. You can follow these steps.
  • Until you do the above, do not use any account which is an owner of an affected wallet, or the affected wallet itself to interact with closed source or otherwise unknown contracts that might trigger arbitrary actions (including forwarding Ether). Send/interact only to addresses you own, or know!
  • Create a secondary account for your every day usage. This one should not be connected to your contract wallets

 

Remedial action taken by Ethereum Foundation:

We created a new Ethereum Wallet release 0.7.6, which will detect your vulnerable wallets.

Download the latest release and follow the steps described in the release notes to update your vulnerable wallets!

https://github.com/ethereum/mist/releases/tag/0.7.6



Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
admin
  • Website

Related Posts

Grantee Roundup – Q1 2023

February 3, 2023

EF-Supported Teams: Research & Development Roundup

December 29, 2022

KZG Ceremony Grant Round | Ethereum Foundation Blog

December 15, 2022

Comments are closed.

Don't Miss

Price Prediction: By February 9, 2023, Zilliqa (ZIL) Value Will Increase to $0.045938

Blockchain February 4, 2023

Join Our Telegram channel to stay up to date on breaking news coverage Zilliqa is…

Sberbank Aims To Have Own DeFi Platform Up And Running By May

February 4, 2023

Casper Price Soars To $0.04 As Bulls Stay In Check – $0.055 CSPR Incoming?

February 4, 2023

ETC/USD Prepares for $30 Resistance

February 4, 2023
Stay In Touch
  • Facebook
  • Twitter
  • Pinterest
  • Instagram
  • YouTube
  • Vimeo
Our Picks

Price Prediction: By February 9, 2023, Zilliqa (ZIL) Value Will Increase to $0.045938

February 4, 2023

Sberbank Aims To Have Own DeFi Platform Up And Running By May

February 4, 2023

Casper Price Soars To $0.04 As Bulls Stay In Check – $0.055 CSPR Incoming?

February 4, 2023

ETC/USD Prepares for $30 Resistance

February 4, 2023

Subscribe to Updates

Get the latest Crypto news from kronosslott.

About Us
About Us

Your source for the serious news. This website is crafted specifically to for crazy and hot cryptonews. Visit our main page for more tons of news.

We're social. Connect with us:

Facebook Twitter Pinterest YouTube WhatsApp
Categories
  • Altcoin (4)
  • Bitcoin (2,020)
  • Blockchain (845)
  • Ethereum (321)
  • Gambling (2,082)
  • Litecoin (60)
  • NFTs (2)
Our Picks

Price Prediction: By February 9, 2023, Zilliqa (ZIL) Value Will Increase to $0.045938

February 4, 2023

Sberbank Aims To Have Own DeFi Platform Up And Running By May

February 4, 2023

Casper Price Soars To $0.04 As Bulls Stay In Check – $0.055 CSPR Incoming?

February 4, 2023
©2022 –Kronosslott. All Rights Reserved. Kronosslott.com is an independent i-Gaming news site and casino comparison service. Every effort is made to ensure that the bonus offers listed here are accurate and up-to-date. However, we accept no responsibility for inaccuracies or errors. It is your responsibility to confirm the terms of any promotion you choose to accept. Looking to Advertise with us? Kronosslott is always looking for new partnerships. To Inquire please email kronosslott@gmail.com

Type above and press Enter to search. Press Esc to cancel.