Critical Security Flaw Found in Nano’s New Android Wallet
Just hours after its June 21, 2018, release, the new Nano Wallet a critical security flaw was discovered that could compromise funds for Android users.
The wallet in question was the Android version of the new Nano Wallet available for iOS, Windows, Android, Mac and Linux — allowing users to send and receive Nano, automatically convert XRB to local currency, and request payments via text message.
Sounding the alarm, Nano developers swiftly requested all new wallet holders to move funds to another wallet:
Amidst a market-wide nose-dive, Nano XRB’s price appeared to remain largely unaffected by the announcement.
The error was not the doing of Nano, but in fact a third-party developer of XRB cryptocurrency wallets — the Nano Wallet Company. To date, neither party offered an official explanation of the what the Nano Wallet Company described as an “issue discovered related to random seed generation”.
The Nano Wallet Company, however, did beef up their original wallet release announcement with a touch of Public Relations — presumably wanting to distance Nano from the blunder:
“The Nano Wallet Company is a separate entity, unconnected to the Nano Foundation. While there is some overlap in those working for both companies, the Nano Foundation has no control over the wallets and no relationship with the Nano Wallet Company.”
Nano community members were quick to connect the dots to Nano’s previous security breaches. One user went as far as linking the wallet issue to February 2018’s Nano/Bitgrail saga — an alleged $150 million hack of XRB from the now-insolvent Bitgrail exchange.
— Prince Vegitto (@PrinceVegitto) June 21, 2018
While the patched Nano Wallet Android 1.0.2 has been released as a cryptographically-secure item, unconvinced XRB holders may opt for the newly Nano-friendly Ledger Nano hardware wallet.