Online cryptocurrency wallets are supposed to provide us with the safety and security required to store our coins, but it has now been shown that two famous wallets, namely Exodus and Neon, are easily hackable. There are other wallets that are vulnerable to hackers as well, but we will focus on these two wallets, and you will learn something shocking. Let us explain in detail the security flaw in these wallets, and how to secure our coins in them so that hackers cannot access them.
Hacking Exodus Wallet
It has been shown that the Exodus wallet can be hacked fairly easily. This can be done by just running a simple script written using the Python programming language in the background and dumping the memory onto a notepad. The script was run after the user logged into the Exodus wallet, and to our surprise, we were able to see the 12-word recovery phrase.
These malicious scripts can infiltrate a computer system through malware or a bot installed secretly on browsers. If we search through the system memory for a recovery phrase, we will be able to get them very quickly and easily. An experienced hacker can retrieve the keys even faster than us, since only very basic scripts were used in this example.
Below are the steps that were followed to retrieve the recovery phrase from the Exodus wallet:
- Log in to Exodus wallet using the password.
- The 12-word recovery phrase is already exposed in the memory.
- After running the Python script to dump the memory, private keys were found.
- The memory dump also contained the 12-word recovery phrase for the Exodus wallet. It was also easy to identify the phrase among all the other characters.
- We double-checked and confirmed that the phrase matches the one in our wallet.
Hacking Neon Wallet
The same approach was used with the Neon wallet, and instead of a recovery phrase, an attempt was made to find the private key.
Below are the steps that were followed to retrieve the private keys from the Neon wallet:
- Log in and note the public key of the Neon wallet.
- The private keys were already exposed in the system memory the moment the user logged in.
- The Python script was then run to dump the memory and get the results.
- The memory dump showed a few sets of keys, and these were recorded on a notepad.
- After trying the different possible private keys, the user was able to log in successfully.
- After clicking the received address, the same public address that was noted in step 1 was visible.
Advice to Users and Wallet developers
So, we now know that it is very easy for malware to grab your private keys by just sitting in the background, or as a bot in your browser, waiting for you to open either of the above two wallets. Once you open the wallet, the hacker can easily grab your private keys and use them to log in from another system and steal your funds.
Therefore, it is highly advisable for users to keep their wallets in a system that is offline and not used for day-to-day activities. It is also unfortunate that the developers don’t care about the basic security features for online wallets that store your precious cryptocurrencies. They need to tighten up the security and address this basic security flaw immediately to secure thousands of users who store their coins in these wallets.
Please note that the security vulnerabilities exposed here with the Exodus and Neon wallets are present in other cryptocurrency wallets as well. The purpose here was not to single out these particular wallets. Instead, with this article, we intend to let our readers and crypto enthusiasts know that they should be careful where they keep their funds.
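As an added illustration of the advice to wallet developers above (this is not code from Exodus, Neon, or the original article): instead of leaving the recovery phrase or private key decrypted in memory from login onwards, a wallet can keep only the encrypted blob resident and decrypt into a buffer that is zeroed as soon as the operation finishes. The function names, the PBKDF2 keystream used in place of real authenticated encryption, and HMAC standing in for transaction signing are all assumptions of this example.

```python
import hashlib
import hmac
from contextlib import contextmanager

ITERATIONS = 100_000  # assumed PBKDF2 work factor for this example


def _keystream(password: bytes, salt: bytes, length: int) -> bytes:
    # Toy stand-in for real authenticated encryption such as AES-GCM.
    return hashlib.pbkdf2_hmac("sha256", password, salt, ITERATIONS, dklen=length)


def seal(secret: bytes, password: bytes, salt: bytes) -> bytes:
    """Encrypt the secret; only this blob is kept after login."""
    ks = _keystream(password, salt, len(secret))
    return bytes(a ^ b for a, b in zip(secret, ks))


@contextmanager
def unsealed(blob: bytes, password: bytes, salt: bytes):
    """Decrypt into a mutable buffer and zero it when the block exits.

    Best effort only: the Python runtime can still hold transient
    immutable copies (for example the keystream) that cannot be wiped.
    """
    ks = _keystream(password, salt, len(blob))
    buf = bytearray(a ^ b for a, b in zip(blob, ks))
    try:
        yield buf
    finally:
        # Overwrite in place, also when the caller raised an exception.
        for i in range(len(buf)):
            buf[i] = 0


def sign(blob: bytes, password: bytes, salt: bytes, message: bytes) -> bytes:
    """Use the secret for one operation; HMAC stands in for signing."""
    with unsealed(blob, password, salt) as secret:
        return hmac.new(secret, message, hashlib.sha256).digest()


if __name__ == "__main__":
    salt, pw = b"constructed-salt", b"constructed-password"  # constructed values
    blob = seal(b"constructed seed phrase", pw, salt)
    print(sign(blob, pw, salt, b"tx-1").hex())
```

With this pattern the plaintext exists only for the duration of a signing call and the password must be supplied for each use, which narrows the window in which a background process dumping memory would find it.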