To those in the Crypto-space, there seems to be a newly-discovered vulnerability in the highly popular Jaxx cryptocurrency wallet that could possibility allow hackers easy access to your 12-word Wallet Back Up Phrase. It's been highlighted that Jaxx Developers are aware of this and have responded to the public that this Security Exploit does not fixing, reminding Users that Jaxx is a Hotwallet suitable for storing small amounts of Cryptocurrency
Monero Lead Developer Criticizes Jaxx Wallet Security
A Twitter post — tweeted by Riccardo “FluffyPony” Spagni, detailed how Vx Labs discovered the Jaxx vulnerability, as well as described how hackers could exploit the weakness:
Even Charlie Shrem, a known Bitcoin Enthusiasts and Jaxx Director of Business & Community Development responded to the Tweet
Unauthorized access to your Device Allows Hackers to retrieve your 12-word backup phrase, Vx Labs continued, they can easily recover your wallet and steal your money
“With the 12 word backup phrase, they can later restore your wallet, including all of your private keys, on their own computers, and then proceed to transfer away all of your cryptocurrency.”
Twitter post went on to provide a technical demonstration of the vulnerability and how it can be exploited, published by VxLabs. There is Link that describes in details about Jaxx Security vulnerability and how to take advantage of it, found at the Bottom of the Post
Jaxx Developer Response
Users soon react with skepticism, as it seems that Jaxx Developers say they are ‘Very Comfortable’ with how their Wallet works, regardless of this Security Flaws
Jaxx CTO Nilang Vyas entered the thread to address these concerns regarding Jaxx Security, his response however has raised concerns as he confirms that this is not a critical Jaxx Security Flaw but instead used it as an opportunity to explain major points about Jaxx current Security Model. Users unaware of this and were left with the idea that Jaxx is not ideally the safest way of storing ''life-changing'' amount of Cryptocurrency, as mention by Charlie Shrem in his Tweet
Nilang told Users that Jaxx Wallet was not meant to be used for long-term Cryptocurrency Storage. Initially designed to be a Hotwallet, Nilang said, Users ensure the full security of their devices to prevent theft.
“We are very comfortable with this security model for Hotwallets ” Nilang wrote.
“The fact is there will always be tradeoffs between user experience, portability and security and we believe we’ve struck a great balance.”
If you thought that JAXX is one of the most secure Cryptocurrency Wallet, then you should consider doing some in-depth research as clearly Developers have stated that Jaxx is not a recommended solution for storing large amounts Cryptocurrency Tokens. Since money is on the line, it is important that you Trust any Third-party services involved!
The reason this is made possible is due to the way the Jaxx wallet encrypted the mnemonic phrase. It uses a hardcoded encryption key, which is not the best option. Even if users enable an additional PIN code or strong password, that is not taken into consideration in the encryption process. This allows anyone to read and decrypt the recovery phrase from local storage using a simple tool and code. It appears this issue affects both desktop clients and browser plugins alike.
The Safest way to store Cryptocurrency is to use a Hardware Wallet like Trezor or The Ledger, especially when it comes to safekeeping a large portion of your Cryptocurrency Holdings. If you don't have funds consider getting Exodus, however if you're still a fan of Jaxx Services because it offers more support more Cryptocurrencies then you should consider diversifying your Tokens and avoid keeping it all in one nest, this means using multiple Jaxx Accounts on different devices for safety
Visit the official Site of VxLabs, the group behind the discovery of the Jaxx Back up Phrase Security Flaw, they also have a temporary solution on how to secure your Jaxx Wallet, that's if you're interested enough to learn how securely store Cryptocurrencies using Jaxx in the first place. I personally have a lot of different Wallets in order to diversify my holdings and would never use one platform to store all of my Tokens even if it's a Hardware Wallet. Because you never know what could possibly go wrong, always question any Service you're using especially when it comes trusting them with your hard-earned money. I would still consider using Jaxx Wallet, however I wouldn't fully depend on it's software to fully protect my Assets since you never know what exactly is going in the Digital Realm.
With Cryptocurrencies, you have to be your own Bank and need to take full responsibility especially if you're Investing, it is important to know that your Assets are kept in a secure environment. Keep Steem in your Steemit Account via Steem Power or Savings instead of leaving it on a Crypto-Exchange and remember to stay safe Online
By all mean if you need to store many coins get a Ledger Nano S Hardware wallet. Jaxx is a toy and apparently forever will be.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Well those are out of stock till end of July, I ordered one 2 weeks ago and will get it only in August if lucky
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Big Fan of Ledger Nano, definitely recommend those interesting in safekeeping large amounts Crypto to use a Cold Storage instead of a HotWallet. The chances of your Hardware Wallet getting Hacked is very slim, so definitely don't store on any Cryptocurrency on Exchanges, small amounts for Jaxx and large amounts are best kept stored offline on a secure dedicated device
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Huh, well soon we will see worms written to seek for those keys on personal computers and the scale of the problem will increase folds and folds.. this how a leading product and brand can be killed.. bad customer approach, unless Jaxx is developing hardware wallet and can position those as a solution, they will face a churn towards more secure wallets.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
I keep all of my wallets offline unless ther are in use. If the computer is powered off, it is hard to access.
2 coumputers. One for everyday use and one for crypto.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
which offline wallet would you suggest?
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Ironically, my favourite is still Jaxx. If you always assume that your wallet is not secure, then you try harder to protect it. ;-)
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Very informational thanks!!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Security has always been an issue and people have lost lots of money to hackers..Offline wallet is the solution...good post indeed
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
not cool
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
this is serious issue.. i am resteeming it...
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Yeah it is, I thought of Jaxx being one the most secure Crypto-Wallet out there. It probably still is, considering that many of us trust their services and when money is on the line, Security becomes our number priority now that we are in charge with being our own Bank. Even the Developers know the Risk of safely storing Cryptocurrency, recommending that we use Hardware Wallet, which is a good idea however you still got to trust a third party in the end of the day. Paper Wallets are the way to go but too complicated for some. It's best to just diversifying into multiple Cryptocurrency Wallets, since it's unlikely that Hacker can hack you on multiple devices at once
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
God dammit. Time to give Exodus a second chance!
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Exodus might have the same issue, as their code was audited like last year and it is not open source, besides, one drop is enough to collect all private keys/seeds/etc and then act on those somewhere in the future.. it is never safe to create any wallet while connected, here's how to best create an offline one: https://en.bitcoin.it/wiki/How_to_set_up_a_secure_offline_savings_wallet
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Could be serious for Jaxx users. This is why I never just jump on the bandwagon of new products.
Resteeming this. Please polish up on some of the misspellings in here if you get the time. Thanks for posting @steemitguide
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
That is why i keep all my money on the exchange
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
That's far worse than having it on our desktop.. Looks like you never heard of Mt Gox , how they stole over 400MUSD in BTCs from users
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
That's even worse to be honest.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Calm down, they can easily extract wallet but they can't easilly access your files. If they do, then you have much more problems than just jaxx.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Man, can you donate me 0.5 steem dollar?
As I wanted to invest in steem currency because I know it will definitely will rise in value.However, my dad was not allowing me to do that. Can you let to prove to my father that i am right? Thank you.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Hello @wallsnow
I will flag you if you do not stop this spam.
You will have to say I am sorry or ask why not if you do not want to be downvoted.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit