Share this article
Crypto Developer Komodo 'Hacks' Wallet Users to Foil $13 Million Theft
Cryptocurrency wallet developer Komodo has effectively hacked its own customers to protect their funds from an external attack.
Updated Sep 13, 2021, 9:17 a.m. Published Jun 7, 2019, 9:33 a.m.
Cryptocurrency wallet developer Komodo has effectively hacked its own customers to avert an attack that could have resulted in the theft of funds worth nearly $13 million.
A blog post from the npm JavaScript package repository, first reported by ZDNet, indicated that its security system raised an alert about a backdoor on June 5 that could have been used by hackers to rob users of one of Komodo's older wallets, Agama.
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
An audit showed a malware threat with the potential to steal cryptocurrency wallet seeds and logins.
To prevent hackers from taking advantage of the malicious code, Komodo and npm used the same backdoor to extract Agama users' funds and transferred them to a safe location away from hackers reach.
Npm said:
"After being notified by our internal security tooling of this threat we responded by notifying and coordinating with Komodo to protect their users as well as remove the malware from npm."
In a security alert, Komodo said: "After discovering the vulnerability, our Cyber Security Team used the same exploit to gain control of a lot of affected seeds and secure the funds at risk."
Komodo said it was able to safeguard 8 million tokens and 96 bitcoin, collectively worth nearly $13 million.
To prevent hackers from using their old seeds and paraphrases in the future, the developer advised Agama wallet users to move their funds to its newer wallet products and create new KMD and BTC addresses, as well as new passphrases.
code image via Shutterstock
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
Gemini Approved by CFTC to Offer U.S. Prediction Markets, Stock Surges Nearly 14%
The decision allows Gemini’s affiliate to offer supervised event-contract markets to U.S. users, adding regulated forecasting tools as the firm expands its product lineup.
What to know:
- Gemini said its affiliate, Gemini Titan, received CFTC approval to operate as a Designated Contract Market.
- The firm stated that the license enables it to offer regulated prediction markets to U.S. customers.
- The Winklevoss twins praised the decision as aligning with President Trump’s push for U.S. leadership in the crypto sector.
Top Stories
