Algodex reveals wallet infiltrated by 'malicious' actor as MyAlgo renews warning: Withdraw now

cointelegraph.com:

Algorand-based wallet provider MyAlgo has again urged users to withdraw their funds after a February security breach which doesn’t appear to have been resolved.

Update: Funds are still being actively drained from MyAlgo users. https://t.co/fzkS9PFkAm pic.twitter.com/cgrWigu2Wn

Meanwhile, decentralized exchange Algodex has revealed a malicious actor infiltrated a company wallet on Mar. 5 in what “appears to be similar to what is currently happening in the Algorand ecosystem,” it said in a Twitter post.

In a Mar. 6 post, Algodex explained that during the early hours of the previous morning, a company wallet was infiltrated by a malicious actor.

According to Algodex, precautions were taken before the attack, including moving the bulk of their USDC and treasury tokens ALGX tokens to secure locations.

#PeckShieldAlert @AlgodexOfficial reported that a malicious actor infiltrated 1 of their corporate wallets (w/s ~55k)The exploit seems to share similarities with the ongoing incidents in the #Algorand ecosystem@myalgo_ alerted users to withdraw funds/rekey funds to new account https://t.co/G7nhlzMebF

However, the infiltrated wallet was tied to Algodex's liquidity rewards program and was responsible for providing extra liquidity to the ALGX token.

"This resulted in the malicious actor being able to remove the Algo and ALGX in the Tinyman pool created by us to provide additional liquidity to the ALGX token," Algodex said.

The exchange noted that $25,000 in ALGX tokens meant to provide liquidity rewards were taken but said it would replace this in full.

It added that the total loss from the theft was less than $55,000, but Algodex users and the liquidity of ALGX were not affected.

Meanwhile, the wallet provider for the Algorand network,