Deep Tide TechFlow news, recently, the ScaleBit security team under BitsLab discovered a vulnerability in the Uniswap Wallet (iOS version), which BitsLab named 'Unauthorized Access to Mnemonic Phrase.' This vulnerability allows an attacker with physical access to the device to bypass the wallet's authentication mechanism and directly access the mnemonic phrase stored on the device. This means anyone who can access the unlocked device can obtain the wallet's mnemonic phrase within 3 minutes. In everyday scenarios, briefly borrowing someone else's phone is not uncommon, especially between couples and friends. However, under the impact of this vulnerability, such seemingly harmless borrowing behavior could directly lead to the leakage of the wallet's mnemonic phrase.
It is worth noting that this vulnerability still exists even in the latest version released on the App Store (Version 1.42). The BitsLab security team reminds all users: before this vulnerability is fixed, be sure to carefully protect the unlock permissions of the device and facial recognition information, and pay attention to official updates to avoid asset loss.