Coinomi claims blackmail after user reveals vulnerability in cryptocurrency wallet

The major cryptocurrency wallet Coinomi is calling out the user who found a security glitch in their wallet after losing a hefty amount of money in the theft. The wallet has been called out on Twitter by users that the said user is actually protesting his losses and the wallet should claim responsibility.

Warith Al Maawali, an Oman based cryptocurrency, and coding activist revealed a major vulnerability in the cryptocurrency wallet Coinomi. The wallet is reportedly sending the secret seed phrases without any encryption to the third-parties. This vulnerability allows hackers and scammers to use this secret phrase passed on in simple text and steal cryptocurrency from the users.

Maawali has since pinned a tweet mocking the Coinomi wallet and is currently standing at a loss of about sixty to seventy thousand dollars ($60 – 70k). He claimed that the steal was made possible through Coinomi wallet and the handling of information by the wallet is the reason behind his losses.

Maawali has explained that the wallet is using a Google spell checker and sending their secret keys to the Google server. Anyone using an interception software can actually track the phrase and use it to steal the funds from the account.

Thailand based security expert Luke Childs has also confirmed in a Tweet and a video that the wallet is indeed sending this information supposed to be private to the third party server and the information can be intercepted.

A thorough read of the conversation made public by the wallet after Maawali went public reveals that the Coinomi staff had been stalling the user for days pushing him to the point that he would share his losses to the public. He requested a refund of his assets, however, the wallet administration would not agree to him despite having believed him he would receive the bounty. Yet, the wallet also claimed that the hack was not proved to be a Coinomi issue in direct contradiction to their bounty offer to the user.