Price: $0.31599 -5.994%
Market Cap: 46.55B 1.4016%
Volume (24h): 5.46B 0%
Dominance: 1.4016%
Price: $0.31599 -5.994%
Market Cap: 46.55B 1.4016%
Volume (24h): 5.46B 0%
Dominance: 1.4016% 1.4016%
  • Price: $0.31599 -5.994%
  • Market Cap: 46.55B 1.4016%
  • Volume (24h): 5.46B 0%
  • Dominance: 1.4016% 1.4016%
  • Price: $0.31599 -5.994%
Home > Information news > Old Crypto Wallet Bug Puts $2.1 Billion At Risk: Unciphered

Old Crypto Wallet Bug Puts $2.1 Billion At Risk: Unciphered

Release: 2023/11/19 00:28 Reading: 224

Original author:CryptoPotato

Original source:https://cryptopotato.com/old-crypto-wallet-bug-puts-2-1-billion-at-risk-unciphered/

Old Crypto Wallet Bug Puts $2.1 Billion At Risk: Unciphered

Crypto cybersecurity firm Unciphered has unearthed a decade-old crypto wallet bug affecting browser-based wallets generated between 2011 and 2015.

The bug may allow nefarious actors to steal up to $2.1 billion from wallets on various networks, including Bitcoin (BTC), Dogecoin (DOGE), Litecoin (LTC), and Zcash (ZEC).

Discovering An Ancient Bug

In an interview with the Wall Street Journal, the Unciphered team explained that they’d accidentally discovered the bug during a failed attempt to recover an early investor’s $600,000 in lost Bitcoin (BTC).

The entrepreneur, Nick Sullivan, created his Bitcoin wallet back in 2014 using the website Blockchain.info (since renamed to Blockchain.com). Later, he accidentally lost access to his coins after wiping his computer’s memory without remembering to record his wallet’s private key.

At Sullivan’s request, Unciphered began searching for Sullivan’s coins in January 2022. Though they ultimately lacked enough information to get them back, they realized in the process that Blockchain.info’s code for creating random wallet keys – BitcoinJS – did not make all of its wallets random enough.

“BitcoinJS is terribly broken up till March 2014,” said Unciphered co-founder Eric Michaud. “Anyone directly using it is on the very high end of risk to attack.”

Another wallet site, Dogecoin.info, also used BitcoinJS, leaving many old Dogecoin users exposed to the same vulnerability.

Unciphered claims that wallets made before March 2012 contain $100 million in assets that could easily be hacked by a home computer user. Another $50 billion is held in wallets created between then and 2015, of which at least $500 million is vulnerable.

Cryptographers discovered flaws in wallet generation randomness back in 2014, and improved their methods since. Unciphered said it hadn’t discovered any wallets generated after 2016 suffering from weak randomness.

How to Tell Victims?

Unciphered came public with the vulnerability this week, but has been quietly warning affected users that their assets are at risk for months.

The challenge was convincing millions of victims to move their funds without revealing the vulnerability to thieves who would otherwise leverage it to steal coins.

Unciphered ultimately decided to go to the biggest site responsible for generating such wallets that might be in a position to discretely notify affected users. That site ended up being the one Sullivan used – Blockchain.com.

The site sent out emails to holders of over 1.1 million affected wallets and found a way to automatically update the wallets of anyone who visited its site.

“In crypto, you need to be pretty skeptical of people who call with something that sounds dramatic, because there are so many scammers,” Blockchain.com President Lane Kasselman said regarding Unciphered’s warning. “It was unclear who they were and what the scope of it was.”

Many affected users still haven’t been warned directly since the sites they used to create their wallets are now out of business.

The post Old Crypto Wallet Bug Puts $2.1 Billion At Risk: Unciphered appeared first on CryptoPotato.

Selected Topics

  • Dogecoin whale activity
    Dogecoin whale activity
    Get the latest insights into Dogecoin whale activities with our comprehensive analysis. Discover trends, patterns, and the impact of these whales on the Dogecoin market. Stay informed with our expert analysis and stay ahead in your cryptocurrency journey.
  • Dogecoin Mining
    Dogecoin Mining
    Dogecoin mining is the process of adding new blocks of transactions to the Dogecoin blockchain. Miners are rewarded with new Dogecoin for their work. This topic provides articles related to Dogecoin mining, including how to mine Dogecoin, the best mining hardware and software, and the profitability of Dogecoin mining.
  • Spacex Starship Launch
    Spacex Starship Launch
    This topic provides articles related to SpaceX Starship launches, including launch dates, mission details, and launch status. Stay up to date on the latest SpaceX Starship launches with this informative and comprehensive resource.
  • King of Memes: Dogecoin
    King of Memes: Dogecoin
    This topic provides articles related to the most popular memes, including "The King of Memes: Dogecoin." Memecoin has become a dominant player in the crypto space. These digital assets are popular for a variety of reasons. They drive the most innovative aspects of blockchain.