While the crypto community is still weathering the effects of the recent $100-million Poloniex hack, another cybersecurity threat that could affect billions worth of crypto assets has been discovered by a team of blockchain security experts. 

On Nov. 14, cybersecurity company Unciphered released information on a vulnerability that they called “Randstorm,” which they claim to affect millions of crypto wallets that were generated from 2011 to 2015.

11월 14일, 사이버 보안 회사인 Unciphered는 2011년부터 2015년까지 생성된 수백만 개의 암호화폐 지갑에 영향을 미쳤다고 주장하는 "Randstorm"이라는 취약점에 대한 정보를 공개했습니다.

Today we release our work on Randstorm: a vulnerability affecting a significant number of browser generated cryptocurrency wallets https://t.co/CebdytNaC6

Reporting @washingtonpost https://t.co/OzYDq2tH4W

Technical write-up: https://t.co/HPqjtaX1CA #Bitcoin #blockchain pic.twitter.com/aN7CZh9sv4

— Unciphered LLC (@uncipheredLLC) November 14, 2023

— Unciphered LLC(@uncipheredLLC) 2023년 11월 14일

According to the firm, while working to retrieve a Bitcoin (BTC) wallet for a customer, they discovered a potential issue for wallets generated by BitcoinJS and derivative projects. The issue could possibly affect millions of wallets and around $2.1 billion in crypto assets, according to the cybersecurity company. 

회사에 따르면 고객을 위해 비트코인(BTC) 지갑을 검색하는 동안 BitcoinJS 및 파생 프로젝트에서 생성된 지갑에 잠재적인 문제가 있음을 발견했습니다. 사이버보안 회사에 따르면 이 문제는 수백만 개의 지갑과 약 21억 달러 규모의 암호화폐 자산에 영향을 미칠 수 있다고 합니다.

The firm also believes that multiple blockchains and projects could be affected. Apart from BTC, the company highlighted that Dogecoin (DOGE), Litecoin (LTC) and Zcash (ZEC) wallets could also potentially contain the vulnerability.

Related: Hackers claim to have stolen user data from defunct crypto ATM firm Coin Cloud

관련: 해커들은 사라진 암호화폐 ATM 회사인 코인 클라우드(Coin Cloud)에서 사용자 데이터를 훔쳤다고 주장합니다.

In addition, the company said that millions have already received an alert about the problem. For those who are using crypto wallets generated within the 2011 to 2015 time frame, the company recommends transferring their assets to wallets that were generated more recently. They wrote:

또한 회사는 이미 수백만 명이 이 문제에 대한 경고를 받았다고 말했습니다. 2011년부터 2015년 사이에 생성된 암호화폐 지갑을 사용하는 사람들의 경우 회사는 자산을 가장 최근에 생성된 지갑으로 이전할 것을 권장합니다. 그들은 썼다:

“If you are an individual who has generated a self-custody wallet using a web browser before 2016, you should consider moving your funds to a more recently created wallet generated by trusted software.”

While the company said that not all impacted wallets are affected equally, it also confirmed that the vulnerability is exploitable. However, the company did not provide any details about the exploitation of the vulnerability to avoid providing more information to bad actors in the space.

Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story

매거진: 팝콘 통에 담긴 34억 달러 규모의 비트코인: 실크로드 해커의 이야기