Jaxx Liberty Wallet showing link to phishing site

[fab12345]

sA friend of mine still had some cryptocurrency stored in the Jaxx Liberty Wallet. However, they were unable to transfer the funds to another wallet or exchange. The app, which was still installed on their phone, displayed a message saying: "Visit jaxxapp.com to update your app" (see attached image). jaxxapp.com will become jaxxupdate.com

When visiting the mentioned site, it asked for the private seed. This raised some concerns:

Is this a scam?
Is it possible for hackers to alter an old version of an official app to redirect users to malicious websites?
If so, how could they achieve this?
Looking forward to any insights or advice on how to proceed safely. Thanks in advance!



https://i.postimg.cc/QdXsMyQw/Whats-App-Image-2024-11-26-at-19-03-00-abdf159e.jpg

https://i.postimg.cc/TwPXcL79/Captura-de-tela-2024-11-27-124530.png

[DaveF]

Jaxx Liberty Wallet is gone.

https://blog.jaxx.io/sunsetting-jaxx-liberty-what-you-need-to-know/

Don't put the keys in some wallet / site that you don't know.
Get one of the known ones and use that one.

Without knowing what crypto you have in the wallet can't make a full recommendation but for BTC Electrum is always good https://electrum.org

-Dave

[Pmalek]

I assume you have made a backup of your recovery phrase. Jaxx Liberty was a non-custodial wallet, meaning you should have a seed phrase. It supports the BIP39 standard, so the seed can be imported in many alternative wallets. Which wallets(s) you should use depends on the assets you own. I would first create a new wallet using a tested software like Electrum, generate and make backups of the new seed, and then import the old Jaxx Liberty seed. When that is done, sweep the BTC to the new wallet. Do the same with your other cryptocurrencies. 

[ABCbits]

Is this a scam?

Yes, it's a scam.

Is it possible for hackers to alter an old version of an official app to redirect users to malicious websites?
If so, how could they achieve this?

Most likely no. To do that, the hacker usually need to have access to your friend device. And if a hacker actually can do that, he would do soemthing else to steal your friend's coin, credential and other personal data. While i don't know how Jaxx Libetry works, i would speculate the hacker buy expired domain which used by Jaxx Liberty to obtain certain data from internet.

[hugeblack]

The domain was created less than a month ago and it asks you to enter a wallet seed, so it is definitely a scam. You can recover your coins by downloading electrum with the BIP seed option.

[logfiles]

The malicious domains now seem to be down, thanks to someone who discovered and probably reported them. What makes me curious is how the hacker manage to push an update or a notification via an app that is run by someone else? Insider job by someone malicious?

[Pmalek]

What makes me curious is how the hacker manage to push an update or a notification via an app that is run by someone else? Insider job by someone malicious?

Remember Electrum and the arbitrary messages that node owners could push to users who connected to their servers to trick them into downloading fake software? I have never used Jaxx Liberty and I don't think it functions anywhere close to Electrum, but someone might have found a vulnerability. Or like you said, it's an inside job. The wallet isn't being maintained and the people behind it may nor care anymore what happens with it.

[hugeblack]

The malicious domains now seem to be down, thanks to someone who discovered and probably reported them. What makes me curious is how the hacker manage to push an update or a notification via an app that is run by someone else? Insider job by someone malicious?

If Jaxx Liberty Wallet is a malware or has a backdoor, it will ask users to enter seeds and steal funds, so it looks like a similar exploit to what happened with Electrum, and it seems like the scammer is running some nodes that broadcast phishing links.