Crypto cybersecurity firm Unciphered has unearthed a decade-old crypto wallet bug affecting browser-based wallets generated between 2011 and 2015.

The bug may allow nefarious actors to steal up to $2.1 billion from wallets on various networks, including Bitcoin (BTC), Dogecoin (DOGE), Litecoin (LTC), and Zcash (ZEC).

Discovering An Ancient Bug

In an interview with the Wall Street Journal, the Unciphered team explained that they’d accidentally discovered the bug during a failed attempt to recover an early investor’s $600,000 in lost Bitcoin (BTC).

The entrepreneur, Nick Sullivan, created his Bitcoin wallet back in 2014 using the website Blockchain.info (since renamed to Blockchain.com). Later, he accidentally lost access to his coins after wiping his computer’s memory without remembering to record his wallet’s private key.

At Sullivan’s request, Unciphered began searching for Sullivan’s coins in January 2022. Though they ultimately lacked enough information to get them back, they realized in the process that Blockchain.info’s code for creating random wallet keys – BitcoinJS – did not make all of its wallets random enough.

“BitcoinJS is terribly broken up till March 2014,” said Unciphered co-founder Eric Michaud. “Anyone directly using it is on the very high end of risk to attack.”

Another wallet site, Dogecoin.info, also used BitcoinJS, leaving many old Dogecoin users exposed to the same vulnerability.

Unciphered claims that wallets made before March 2012 contain $100 million in assets that could easily be hacked by a home computer user. Another $50 billion is held in wallets created between then and 2015, of which at least $500 million is vulnerable.

Cryptographers discovered flaws in wallet generation randomness back in 2014, and improved their methods since. Unciphered said it hadn’t discovered any wallets generated after 2016 suffering from weak randomness.

How to Tell Victims?

Unciphered came public with the vulnerability this week, but has been quietly warning affected users that their assets are at risk for months.

The challenge was convincing millions of

Go to Source to See Full Article
Author: Andrew Throuvalas

Did you like this?
Tip BTC Newswire with Cryptocurrency

Donate Bitcoin to BTC Newswire

Scan to Donate Bitcoin to BTC Newswire
Scan the QR code or copy the address below into your wallet to send some bitcoin:
Donate via Installed Wallet
[X] Click Here to Hide Donation Details

Donate Bitcoin Cash to BTC Newswire

Scan to Donate Bitcoin Cash to BTC Newswire
Scan the QR code or copy the address below into your wallet to send bitcoin:
Donate via Installed Wallet
[X] Click Here to Hide Donation Details

Donate Ethereum to BTC Newswire

Scan to Donate Ethereum to BTC Newswire
Scan the QR code or copy the address below into your wallet to send some Ether:
Donate via Installed Wallet
[X] Click Here to Hide Donation Details

Donate Litecoin to BTC Newswire

Scan to Donate Litecoin to BTC Newswire
Scan the QR code or copy the address below into your wallet to send some Litecoin:
Donate via Installed Wallet
[X] Click Here to Hide Donation Details

Donate Monero to BTC Newswire

Scan to Donate Monero to BTC Newswire
Scan the QR code or copy the address below into your wallet to send some Monero:
Donate via Installed Wallet
[X] Click Here to Hide Donation Details

Donate ZCash to BTC Newswire

Scan to Donate ZCash to BTC Newswire
Scan the QR code or copy the address below into your wallet to send some ZCash:
[X] Click Here to Hide Donation Details

CryptoPotato

CryptoPotato

BTC NewswireAuthor posts

BTC Newswire Crypto News at your Fingertips

Related Posts ...

Comments are disabled.