According to news on March 19, the blockchain security company Coinspect Security issued a document stating that through cooperation with the Algorand wallet MyAlgo, the root cause of MyAlgo’s hacking has been determined, and the official announcement will be made soon.
Currently, attacks are no longer active, do not exploit application bugs or vulnerable codebases, do not abuse browser features (such as autofill), private key encryption is not weak, open source MyAlgo components are unaffected.
In addition, the attacker decrypted the private key because they obtained the password, not due to an encryption vulnerability. For affected users, it is recommended to change the wallet password immediately and never reuse it.