Exodus sent my Bitcoin to a mysterious address. Possible hack or MITM attack.
A few days ago, I tried to send Bitcoin to my Poloniex account from Exodus wallet. I've been waiting for the transaction to clear, and today it still hasn't. So, what's up?
I check the transaction ID (given to me by Exodus) on blockcypher and it tells me there is no transaction with that ID. Okay...
I check my destination address on blockchain.info and there is no record of any coins being sent to it.
I check my Exodus wallet address - there is a record of the coins being sent, but NOT to my Poloniex account. Instead, they were sent to a mysterious address. That address then sent the bitcoins through a whole bunch of addresses - definitely looks like a bitcoin tumbler.
Exodus tells me that my coins were sent to the correct address and gives me a fake transaction ID. In reality, they were sent to a totally different address which then passed them through a bitcoin tumbler. I recently updated Exodus using the official update from the Exodus website, so I'm thinking there was probably some malicious code slipped in there - either with a man-in-the-middle attack or from the Exodus website itself.
The updated package I downloaded is labelled as version 1.37.1, but the it has all the features of version 1.38.0. It also has a different sha256 checksum than the official version 1.38.0.
I know I'm never getting those coins back, but I want to put the message out there that Exodus might have a security breach. Also, don't do what I did. Read your download names and compare checksums!
[link] [comments]
Read More
