There Was No Compromise of Duende Wallets
Previously, we’ve announced that there was a compromise of our wallet including Koolpeace and Duende.
The affected transaction was this: https://polygonscan.com/tx/0x0bde4f3c5c24e1030c91515cbcbacca99519457e34596df486b693156de65547
which resulted in loss of $7,398.00 worth of USDC.
As a follow-up, we implemented these measures:
However, it turned out that the movement of a fund was not because of the compromises of wallet seed or founder’s devices, but a sign that was done at a malicious web 3 domain with the Koolpeace wallet. We revoked the token allowance approval from all the connected web 3 addresses including the malicious addresses. We will soon re-submit to the Polygonscan Team to remove the “compromised address” warning.
Previously, we’ve reported that there was potentially a compromise of our wallet seed addresses. The problematic transfer we didn’t acknowledge was this:
https://polygonscan.com/tx/0x0bde4f3c5c24e1030c91515cbcbacca99519457e34596df486b693156de65547
As a result, we requested a labeling of “compromised seed wallet” warning as follows:
https://polygonscan.com/address/0xcb4e4c310eaa4c4f6da9d0543053c371a6a488a2
https://polygonscan.com/address/0xee5f7f36b71519a7d198f0714f134e2938a1617d
However, we’ve recently discovered that the transaction happened not because of the compromise of the wallet seed, but because of the approval of a malicious web 3 app. We have successfully revoked the approval from the malicious address which is:
https://polygonscan.com/tx/0x38e2201b8d617837d0bd9e6e8ced4ab9cbb52cf24a3dd1c57561c3e7093d3707
for the address: https://polygonscan.com/address/0xcea260c4b542ea47c0b7834020a082729672866a
Also, we revoked all the approvals for the possible misuses.
