Digital Forensics Dispatch

Digital Forensics Blog
by Sensei Enterprises, Inc.

Critical Bug in Everscale Wallet Could Lead to Stolen Cryptocurrencies

April 28, 2022

Ravie Lakshmanan of The Hacker News recently wrote about a critical bug in the cryptocurrency wallet Ever Surf. The vulnerability in the cryptocurrency wallet could allow for attackers to gain full control of the user’s wallet.

Ever Surf is a crypto wallet that uses the Everscale blockchain (formerly FreeTON) and also doubles as a messaging application for cross-platform communications. Users can also use the application to send and receive non-fungible tokens (NFTs).

The bug in the application allows for an attacker to make use of different attack vectors, such as malicious browser links or phishing to obtain the wallet’s encryption keys and seed phrases that are being stored in a browser’s local storage. If an attacker gains access to that information, they can get access to the wallet and siphon the funds from it.

A new desktop application has been released to replace the vulnerable web-based application.

 Email:    Phone: 703.359.0700
Digital Forensics/Cybersecurity/Information Technology