Layer 1 blockchain Near Protocol informed users about a bug it discovered in June that revealed sensitive information to a third party.

The network announced this in a blog post released on August 4 saying it was able to rectify the issue on the same day.

As part of ongoing discussion around the changes to https://t.co/h8J7uvV1SH and recent news stories concerning vulnerabilities on other wallet platforms this week, @NEARFoundation has created a thread discussing the state of security around NEAR’s web wallet. — NEAR Protocol | NEARCON.org | Lisbon | Sept 11-14 (@NEARProtocol) August 4, 2022

According to the post, “a code change nevertheless resulted in the collection of sensitive data for some users who had used email or SMS recovery with their wallets.”

Fortunately, blockchain security company Hacxyk noticed the bug and reported it to the team, who quickly fixed it. In addition, Hacxyk got a bounty reward for the alert.

Back in June, we found a bug in @NEARProtocol wallet that was almost the same as the recent Solana wallet hack. When a Near wallet user chooses "email" as the seed phrase recovery method, the seed phrase is leaked to a third party site. https://t.co/gHWhmxE3Sm pic.twitter.com/MK31xUeAeL— Hacxyk. (@Hacxyk) August 4, 2022

The network claimed that its wallet team immediately handled the situation by scrubbing “all sensitive data” and identifying those who might have had access to it.

“To date, we have found no indicators of compromise related to the accidental collection of this data, nor do we have reason to believe this data persists anywhere,” it added.

The announcement comes amid the series of exploits and hacks that have rocked the crypto space in August.

Nomad Bridge lost over $190 million to a “decentralized robbery.”

Celsius announced that a malicious third party might have breached users’ data through a leak from an employee of its messaging partner, Customer.io.

Additionally, thousands of Solana wallets got drained in an attack that lasted for hours and resulted in a loss of over $5 million.

With the almost breakneck speed of exploits, Near Protocol is also sharing its experience and alerting users so they can be extra careful and take all necessary steps to prevent exploits.

Thus, it asked users who used their SMS or email for account recovery to rotate their keys to be on the safer side. They can do this on wallet.near.org.

Meanwhile, the network stated it would no longer let users use their SMS or email for recovery when they create an account. 

It also advised users to opt for cold wallets like Ledger, which offers more security. In addition, users should never give out their private or recovery keys.

What do you think about this subject? Write to us and tell us!
The post Near Protocol Offers New Security Directives Amidst Crypto Market Breaches appeared first on BeInCrypto.
Original Source: Be In Crypto Near Protocol Offers New Security Directives Amidst Crypto Market Breaches