Blockchain News

MyAlgo Users Urged to Withdraw as Cause of $9.2M Hack Remains Unknown

MyAlgo, a provider of wallets for the Algorand network, has advised its customers to withdraw money from any wallets made with a seed phrase due to an ongoing exploit that has resulted in the theft of money estimated to be worth $9.2 million.

On February 27, MyAlgo tweeted the recommendation along with the statement that it is still unsure of what caused the most recent wallet breaches and urged “everyone to take cautious steps to secure their money.”The team posted an alert earlier on February 27 about a “targeted assault […] carried out against a bunch of high-profile MyAlgo accounts” that seemed to have taken place during the previous week.

ZachXBT, the self-described “on-chain detective,” said in a tweet on February 27 that it is believed the hack has stolen approximately $9.2 million, and the cryptocurrency exchange ChangeNOW was able to freeze over $1.5 million in cash.

According to MyAlgo, individuals who had mnemonic wallets with the key kept in an internet browser were particularly vulnerable to the hack. A private key is often generated via a 

mnemonic wallet using between 12 and 24 words.

On February 27, John Wood, the Algorand Foundation’s chief technical officer, tweeted that the attack had impacted around 25 accounts.The attack, he said, “is not the outcome of an inherent problem with the Algorand protocol” or its software development kit.

On February 27, the developer collective, which focuses on Algorand, published a paper that ruled out a number of potential attack routes including malware and operating system flaws.

According to the research, the “most plausible” scenarios included either targeted exfiltration of unencrypted private keys from MyAlgo’s website or socially engineered phishing attempts that compromised the affected individuals’ seed phrases.According to MyAlgo, it would keep collaborating with law enforcement and carry out a “thorough investigation to ascertain the underlying cause of the assault.”


Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.