Crypto wallet provider Tangem recently addressed a critical security flaw in its mobile app that inadvertently exposed users' private keys during email interactions with customer support.
The vulnerability, first brought to light in a Reddit post by user "u/areklanga" on 29 December, revealed that private keys were being stored in email histories, potentially accessible to Tangem employees.
The user stated:
“So, user private keys remain in both user email history, Tangem email history, and perhaps in some Tangem ticket tracking system and are available for Tangen employees. Which makes all Tangem users compromised.”
Following intense scrutiny from the community, Tangem acknowledged the issue on 30 December, attributing it to a bug in the app's log processing function.
The company assured users that the bug had been "fully resolved" and emphasized its limited scope, affecting only those who generated a seed phrase and immediately contacted support.
Tangem said in a statement on Reddit:
“When creating a wallet with a seed phrase, the private key was mistakenly logged in the application's logs. These logs could later be accessed during interactions with our support team.”
Tangem also confirmed that all affected logs had been deleted.
While the swift resolution offers some reassurance, the incident has ignited broader concerns about security practices and transparency within the crypto wallet space, challenging Tangem to rebuild trust among its users.
Despite Tangem's swift action to resolve the security vulnerability, concerns have emerged within the crypto community about the company's approach to communication.
Critics pointed to the absence of public announcements on Tangem's official social media channels, leaving many users unaware of the issue.
One Reddit user noted:
“I find it frustrating how Tangem is downplaying the scope of this event. While they claim that only a "very small group of users" sent an email with their keys, how many users had their keys written in plain text to their phones in a log file?”
As of now, Tangem has yet to issue a formal statement on its social platforms regarding the incident.
However, they did respond to a user's comment on X (formerly known as Twitter).
In the meantime, the company has urged users to update their mobile apps to the latest version to ensure protection against the identified risk.
The situation raises important questions about the balance between transparency and timely action in maintaining trust within the crypto space.
Toei Animation has teamed up with Wemade to create DenDenGarden, a blockchain-based game featuring NFTs from the DenDekaDen series. The game aims to expand into global markets, including Japan, Southeast Asia, and North America, with hopes of tapping into the growing blockchain gaming trend.
WeatherlyHong Kong is proposing tax exemptions on profits from cryptocurrencies and other alternative assets to attract wealthy investors and boost its status as a global wealth management hub. The policy aims to expand exemptions to various investment funds, including family offices, pension funds, and private equity, while fostering blockchain innovation.
AnaisCanada's Competition Bureau has filed a lawsuit against Google, accusing the tech giant of abusing its dominant position in the online advertising market to stifle competition. The Bureau seeks remedies, including selling two of Google's ad tech tools and imposing financial penalties to address these alleged anti-competitive practices.
WeatherlyJustin Sun ate a $6.2 million banana from Maurizio Cattelan’s *Comedian* artwork at a live-streamed event in Hong Kong. The controversial act, following Sun's auction purchase, highlighted the intersection of art, cryptocurrency, and personal branding.
AnaisElon Musk has filed a legal challenge to stop OpenAI from becoming a fully for-profit company, claiming it violates its original mission and harms competition. He also accuses OpenAI and Microsoft of using their partnership to block funding for rival AI companies like his own xAI.
WeatherlyRobert Kiyosaki predicts Bitcoin could drop to $60,000 but remains confident in its long-term potential, planning to buy more if the price falls. He forecasts Bitcoin could reach $250,000 by 2025 and even $500,000, according to an AI model.
AnaisFive South Korean fugitives were arrested in Muntinlupa for a $2.9 million cryptocurrency scam, while a sixth was caught in Pasay for larceny. Separately, an Indonesian drug courier was denied entry at NAIA and sent back to Bangkok.
WeatherlyMalaysian music group KRU returns after a six-year break with their new single, "Voodoo," and a AI-generated music video. The band blends nostalgia and innovation, showcasing their growth while using AI to create digital versions of themselves for the video.
WeatherlyAI-powered virtual pets are gaining popularity in China, driven by the demand for emotional support and low-maintenance companionship. These pets, like Cupboo and Moflin, offer interactive experiences with advanced AI that can remember past interactions, engage in conversations, and even assist with tasks, appealing to a wide range of consumers.
AnaisBinance co-founder CZ welcomes the idea of a presidential pardon but has no interest in resuming his role as CEO. After pleading guilty to a felony and serving four months in prison, a pardon could redefine his opportunities in the crypto space.
Catherine