A newly disclosed weakness puts Bitcoin wallets created between 2011 and 2015 at significant risk. Dubbed "Randstorm," it lets attackers recover the private keys of affected wallets and take their funds, and it reaches beyond Bitcoin to other blockchains whose wallet software shared the same code.
The term "Randstorm" was coined to describe a combination of bugs, design decisions, and API changes that, taken together, dramatically reduced the quality of the random numbers web browsers produced in that era (2011-2015), according to a report by Unciphered published last week.
Unciphered estimates that approximately 1.4 million bitcoins sit in wallets whose keys were generated with potentially weak randomness. To check whether a wallet is affected, you can visit www.keybleed.com. The check needs only a public address; no legitimate checker ever asks for a private key or seed phrase.
The issue was first highlighted in 2018 by a security researcher known as "ketamine." Unciphered rediscovered it independently in January 2022 while assisting an unnamed customer who had been locked out of their Blockchain.com wallet.
The Technical Details
The vulnerability stems from BitcoinJS, an open-source JavaScript package used to build browser-based cryptocurrency wallets. Randstorm is rooted in the package's reliance on the SecureRandom() function from the JSBN JavaScript library. SecureRandom() was meant to gather entropy from a browser-provided source, but in browsers that did not expose one it fell back to Math.random(), which was never designed to be cryptographically secure and was also weakly implemented in browsers of that era. The result is private keys drawn from a far smaller space than their 256-bit length suggests.
BitcoinJS maintainers dropped JSBN in March 2014, but that change only protects keys generated afterwards: a key produced by the old code is weak forever, no matter when funds were later sent to it. Such keys remain open to brute-force attacks, and the report singles out wallets generated before March 2012 as the most exposed.
Implications and Recommendations
This discovery highlights the risk carried by open-source dependencies deep in the software supply chain. A weakness in a foundational library such as JSBN propagated silently into every wallet built on BitcoinJS, and it stayed exploitable long after the library was replaced, because the damage was baked into keys that already existed.
Anyone holding a Bitcoin wallet created between 2011 and 2015 should act now. If a check shows the wallet is affected, move its funds to a new wallet generated by current software; simply updating the wallet application does not repair a weak key.