Algorand-based wallet provider MyAlgo has cautioned users to withdraw assets from all wallets created with a mnemonic phrase as the company continues investigating an exploit that led to a $10 million loss.

The wallet provider tweeted on February 26, warning users that “a targeted attack was carried out against a group of high-profile MyAlgo accounts.”

MyAlgo Urges Users to Withdraw Funds

MyAlgo further explained that the attacked users had significant amounts of assets in their accounts and were using mnemonic hot wallets with private keys stored in the browser. The exploit did not affect hardware wallet users, the team added.

The wallet provider said it was working with affected parties and authorities to investigate the incident. However, in a Monday update, the team strongly advised all users to transfer any funds from seed phrase wallets stored in MyAlgo as it still does not know the root cause of the hacks.

Over $9 Million Stolen

According to blockchain investigator ZachXBT, the hacker stole 19.5 million ALGO and 3.5 million USDC valued at $9.6 million from victims.

However, centralized exchange ChangeNow was able to freeze $1.5 million of the stolen funds after the attacker tried to launder the assets through the platform.

Algorand’s chief technology officer John Wood noted that the incident affected 25 wallets while clarifying that the exploit was not caused by an “underlying issue with the Algorand network or SDK.”

The CTO stated that he would make an explainer video covering how the exploit happened and how users can protect themselves once the investigation is concluded.

The post Algorand Wallet MyAlgo Warns Users to Withdraw Funds After $9.6M Exploit  appeared first on CryptoPotato.