Odaily星球日报讯 加密货币钱包服务商 Tangem 近日修复了其移动应用中的一项重大安全漏洞,该漏洞曾导致部分用户的私钥通过电子邮件被意外收集。此前,Reddit 用户对此提出质疑,指出 Tangem 将用户私钥暴露于电子邮件账户及其员工面前,威胁投资者资金安全。有用户指出,Tangem 未对问题给予恰当回应,且用户的私钥可能留存于多方邮件历史及工单追踪系统中,对所有 Tangem 用户构成安全威胁。 12 月 30 日,Tangem 承认问题并解释称,这是移动应用日志处理中的一个 bug,现已解决。在通过助记词创建钱包时,私钥被错误记录在应用日志中,这些日志在与支持团队互动时可被访问。同日,Tangem 发布了应用更新,但官网未提及具体细节。Tangem 还确认,已永久删除发送给支持团队的所有日志和附件,确保无数据残留。尽管 Tangem 表示该漏洞仅影响一小部分用户,但部分加密社区成员仍对其低调处理表示不满。截至 12 月 31 日,Tangem 未在社交媒体上发布相关公告。为防范潜在的私钥泄露风险,建议所有 Tangem 用户立即更新其移动应用。(Cointelegraph)
Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.