AnChain’s Analysis: BitPay’s Open Source Copay Wallet Discovers Security Vulnerabilities

Image for post
Image for post
  • On October 5th, the “flatmap-steam” code was updated with entrapped malicious code. Code reviewers merged them into the code base without careful inspection.
  • On November 26th, California based university students discovered that the confusing malicious code in the “event-stream” used by BitPay’s Copay wallet was triggered in the environment, stealing bitcoin in the wallet.
Image for post
Image for post

About AnChain.AI

A blockchain data analytics firm providing intelligence, indicators, and investigative resources for clients to enhance their security, risk, and compliance strategies.

Written by

Blockchain data analytics firm providing security, risk, and compliance solutions.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store