My real BTC disapeared on Jaxx wallet

Bitcoin Questions and AnswersCategory: General questionsMy real BTC disapeared on Jaxx wallet
Marco Facci asked 1 month ago

Jaxx should be a wallet to keep your bitcoins and altcoins safe, but on October 15th I’ve made 2 BTC deposits from my digital currency exchange to my account on Jaxx. After the transaction showed on the history and the status was confirmed, I’ve notted that my balance was bigger than the bitcoins I’ve sent and, at the same time, the spendable money was lower that the the ammount I’ve sent , so I’ve contact them.
After some emails with Rhonda, they told me that my real balance is actual 0 (Zero), even the spendable showing a certain amount, meaning that I have no bitcoins available, what it’s impossible since I didn’t make any further transaction (withdrawl, deposit or change to another coin) since I’ve sent the bitcoins on Oct 15 th to my Jaxx wallet. I asked her to escalate this situation and she said she would do that, and this was the last communication with them on Oct 18th (after that I’ve sent 2 emails but nothing). I’ve tried to move my spendable money to check if it’s working, but it showed me an error so, bottonline, what I have now is that my bitcoins have gone!!

1 Answers
Steven Hay answered 1 month ago

Hi Marco,
 
Sorry to hear of your loss. Sadly, it seems that there is a known security vulnerability with the Jaxx wallet, which remains unpatched. Were you using the desktop version of their wallet? It appears this vulnerability does not affect the mobile version.
 
Here is the initial report (plus updates) on the vulnerability from vxlabs: https://vxlabs.com/2017/06/10/extracting-the-jaxx-12-word-wallet-backup-phrase/#orgef742ea
 
The takeaway is: “Even when your Jaxx has a security PIN configured, anyone with 20 seconds of (network) access to your PC can extract your 12 word backup phrase and copy it down. Jaxx does not have to be running for this to happen.”
 
I can’t say for sure what happened to your bitcoins but it seems like the likeliest explanation.

Steven Hay replied 1 month ago

Oh, just as a quick follow-up, we did warn about the Jaxx vulnerability right after it was discovered and advised against using Jaxx. I realise this doesn’t help you now but… always research every move you make in crypto as thoroughly as possible. Being your own bank is great but also carries some serious responsibility.

Your Answer
1 + 15 =