CipherBlade Blockchain Security Firm Publishes Results Of Alleged Stolen Coinomi Crypto Funds
Maawali reached out to several media outlets claiming that his whole life savings was lost because the cryptocurrency wallet Coinomi had sent seed phrases to Google for spell-checking. His aim was to pressure Coinomi into refunding his lost assets.
Warith Al Maawali, a cryptocurrency investor, previously claimed to have lost his entire life savings, between $60,000 and $70,000, on Coinomi, a popular Android crypto wallet. He claimed that certain vulnerabilities in Coinomi caused the loss of his assets, as the private key of his wallet was compromised.
However, after thorough investigation and research, it is doubtful that Maawali’s funds were lost through any fault of the cryptocurrency wallet Coinomi. In fact, it seems more likely that either no funds were lost at all or his private key was compromised in some other way.
Coinomi, on the other hand, believes that Maawali was simply trying to extort the company.
On the seed phrase spell-check, Coinomi stated:
“The spell-check requests that were sent over to Google API were not processed, cached or stored and the requests themselves returned an error (code: 400) as they were flagged as ‘Bad Request’ and weren’t processed further by Google.”
CipherBlade, a blockchain security company, stated after a thorough investigation of the case:
“Upon review of the publicly available facts, it quickly became apparent to the CipherBlade team that Al Maawali’s conduct is grossly inappropriate to the situation. We receive multiple messages on a daily basis from people seeking help regarding scams or hacks, and so we understand very well that victims can be emotional and even irrational — in the worst case yet, we’ve been forced to prevent a fraud victim from attempting to murder a suspect. And indeed, even well-composed individuals are often at a loss as to what the proper course of action is when they become the victims of such crimes. Nevertheless, given the public nature of the present incident, it is worthwhile using it as a case study.”
Possibility Of Seed Phrase Storage Attack
According to the CipherBlade results, if an attack actually took place, which is still questionable, it would have happened via the storage of the seed phrase itself.
“For one thing, it is not clear how the seed phrase was stored and whether any other person might have had access to it in either electronic or physical form. For another, it is particularly noteworthy that Maawali states that he copy-pasted the seed phrase into the Coinomi application. Malware that monitors a computer’s clipboard for contents that have the format of private keys or seed phrases is a well-known threat to cryptocurrency users, and while Al Maawali emphasizes that none of his other wallets were compromised, he may not have recently pasted their seed phrases or private keys anywhere.”
Crypto researchers believe that Warith Al Maawali’s attempt to pressure Coinomi into refunding $70,000 was “inappropriate” and that he would have stood a better chance had he followed due process with law enforcement and exchanges, which would have led to a proper investigation into the lost assets.
The assets are still being moved, although the majority of the funds are gone by now. Only 1.7 ETH remains of the more than 35 ETH initially stolen. Ether is just one of a variety of cryptocurrencies stored on Coinomi.
Too Late For Recovery Now
The research found that Binance was one of the platforms used to launder these assets via intermediary services.
However, if it is accepted that Maawali’s funds were truly stolen, it will be close to impossible to recover said funds directly.
For future cases like this, it is advisable to take a more prudent approach and report them to firms like CipherBlade, which will yield better outcomes.