The malware was deployed on versions 5.0.2 through 5.1.0 of its Copay and BitPay digital wallet apps, and could potentially be used to capture private keys and so steal Bitcoin [BTC] and Bitcoin Cash [BCH].
BitPay added:
“However, the BitPay application wasn’t at risk of the malicious code. However, we are still working whether or not this code vulnerability was ever exploited against Copay users,”
The firm is asking users not to run or open the Copay wallet if they are using versions 5.0.2 to 5.1.0. It has, however, released an updated version [5.2.0] without the malicious code for all Copay and BitPay wallet users, which is to be available in app stores “momentarily.”
BitPay stressed: “Users ought to assume that personal keys on affected wallets might have been compromised, hence they ought to transfer their funds to new wallets [v5.2.0] as soon as possible.”
BitPay has also advised users not to transfer any funds to new wallets by importing their word backup phrases, since they correspond to “potentially compromised personal keys.”
“Users ought to first update their affected wallets (5.0.2-5.1.0) and so transfer all their funds from affected wallets to a new wallet on version 5.2.0, employing the Send Max feature to initiate transactions of all funds,” it explained.
The attack appears to have been carried out by a purported developer known as Right9ctrl, who took over maintenance of the NodeJS library from its author, who had no time for the work, ZDNet reports. The social engineering attack took place about 3 months earlier, when Right9ctrl was granted access to the repository, at which point they injected the malware.