Several Crypto investors who use the Nami wallet have reported unauthorized Cardano (ADA) transfers from their wallets. The transaction involves moving ADA from their accounts to different Binance addresses and temporary wallets.
Nami Wallet is a browser-based wallet extension that is popular amongst Cardano users. The wallet can be used to send and store multiple digital assets. The selling point of the Nami wallet is its ability to be injected into browsers and connect with any website, making it easier to interact with decentralized applications.
According to security experts, the breach could be a result of weak user passwords, compromised devices, or hacked browsers and not necessarily a problem with the Nami wallet itself.
Investigations into these cases have revealed no common link among victims based on the decentralized apps (DApps) connected to their hacked wallets. This suggests that the issue is not with a single dApp or the Nami wallet but with the security precautions adopted by the users themselves.
Advertisement
Related Reading: Hackers Attack OpenAI CTO’s Twitter Account promotes crypto scam
Also, Forbes pointed out that the breaches could be a result of a potential “zero-day vulnerability” in the Google Chrome browser. For context, a zero-day vulnerability is an undiscovered flaw in a system or device. This vulnerability opens a defenseless gap in security that has not been noticed by the software makers thereby making it prone to hackers.
Therefore, if this is the case, it could pose a serious threat to every browser-based cryptocurrency wallet and not just the Nami wallet. It is important for investors who use these kinds of wallets to be security conscious and take additional measures to ensure that their digital assets are protected.
Measures such as the application of two-factor authentication (2fa) and a robust and hard-to-guess password can mitigate the risks of falling victim to hacks. In addition, a regular software update also goes a long way to prevent security gaps and thereby limit unauthorized access.