Algorand-based wallet provider MyAlgo has once again urged its users to withdraw their funds following a security breach in February that appears to remain unresolved.
The warning comes as decentralized exchange Algodex revealed that a malicious actor had infiltrated the company’s wallet on March 5, in an incident similar to those occurring elsewhere in the Algorand ecosystem.
According to Algodex, the breach occurred during the early hours of March 5, and the company had taken precautions before the attack, including moving the bulk of its USD Coin (USDC) and native Algodex (ALGX) tokens to secure locations.
However, the infiltrated wallet was tied to Algodex’s liquidity rewards program and was responsible for providing extra liquidity to the ALGX token.
The malicious actor was able to remove the Algo and ALGX in the Tinyman pool created by the company to provide additional liquidity to the ALGX token, resulting in the theft of $25,000 in ALGX tokens allocated for liquidity rewards.
Algodex has stated that it will replace the stolen tokens in full and emphasized that the total loss from the theft was less than $55,000. Algodex users and the liquidity of ALGX were not affected by the attack.
Meanwhile, MyAlgo has renewed its warnings for users to withdraw their assets or rekey their funds to new accounts as soon as possible. The breach in February appears to have left some issues unresolved, and the warning is a proactive measure aimed at protecting users’ assets.
The Algorand Foundation’s chief technology officer, John Wood, confirmed that around 25 accounts were affected by the exploit, highlighting the importance of users taking steps to secure their accounts.
These incidents underscore the need for continued vigilance when it comes to cryptocurrency security, particularly as the technology becomes more mainstream.