ScaleBit: Found a 0-day vulnerability that can transfer all assets on Uniswap Wallet | PANews

ScaleBit: Found a 0-day vulnerability that can transfer all assets on Uniswap Wallet

PANews reported on January 10 that the ScaleBit security team under BitsLab published a post stating that in October 2024, the ScaleBit security team under BitsLab discovered a vulnerability in the Uniswap iOS wallet, named "Unauthorized access to mnemonics". The vulnerability allows attackers with physical access to the device to bypass the wallet's authentication mechanism and directly access the mnemonics stored in the device.

The root cause of this vulnerability is the design flaws in the storage and access mechanism of the mnemonic. The mnemonic is not effectively encrypted at the application layer, and the triggering conditions of the recovery page are unreasonable, allowing attackers with physical access to the device to easily bypass the wallet's authentication mechanism and directly obtain the mnemonic in the wallet.

Currently, the vulnerability still exists in the latest version of Uniswap Wallet (Version 1.42), which brings potential risks to all users of the wallet. Therefore, users need to pay special attention to the physical security of the device during use to avoid leaking the unlock password or lending the device to others.

Share to:

Author: PA一线

This content is for market information only and is not investment advice.

Follow PANews official accounts, navigate bull and bear markets together

PANews WeChat Group

Telegram Discussion Group

Telegram News Channel

Recommended Reading

PA一线

09/26/2025, 12:39 PM

Warning: Fake Uniswap website ranks first in Google search results

PA一线

07/21/2025, 01:51 PM

A user lost $1.23 million in assets due to mistakenly entering a phishing website

PA一线

06/21/2025, 12:30 AM

Uniswap and Morpho and other institutions cooperate to develop Web3SOC, a security and governance framework designed for compliance

PA一线

05/28/2025, 01:07 PM

Euler will launch EulerSwap, a DEX platform integrating lending income

YBB Capital

02/27/2025, 03:00 AM

Open Intents: Can ERC-7683 become the "Walmart" supermarket for inter-chain intent collaboration on Ethereum?

PA日报

02/26/2025, 10:02 AM

PA Daily | Hemi mainnet will be launched on March 12; Binance CEO said the current market adjustment is a tactical retracement rather than a trend reversal

Trending:BTC Ethereum Stablecoins Prediction Market Trump Binance OKX USDT DeFi AI Federal Reserve Chairman

Popular Articles

NVIDIA GTC Conference Guide, including conference background, five core technology themes, etc.

数解2026年至今资产表现：比特币表现最差，原油最佳

对话a16z联创Marc Andreessen：创始人最好不内省，人类对待新事物总伴随着恐慌

Karpathy urgently deleted its database! An AI-generated doomsday image went viral, threatening the jobs of 60 million white-collar workers.

Trading Moments: Bitcoin breaks through 74,000 with seven consecutive days of gains; the 71,300 CME gap still needs to be watched out for; whales and institutions are hoping ETH can break through 2,400.

Industry News

Market Trends

Curated Readings

PANews App

24/7 blockchain news tracking and in-depth analysis.

Download PANews App

App Store Google Play