BitcoinJS Library Vulnerability Exposes $1 Billion Worth of Crypto
A recent discovery by crypto recovery company Unciphered has revealed a significant vulnerability in the BitcoinJS library, affecting old Bitcoin wallets generated between 2011 and 2016. The vulnerability, known as Randstorm, was found to be prevalent among these wallets, leaving nearly $1 billion worth of crypto potentially exposed to hacks.
The popular JavaScript library did not generate private keys for crypto wallets properly: the keys it produced were not always random enough. BitcoinJS developer Stefan Thomas confirmed the vulnerability and expressed regret for the oversight, attributing it to code taken from a source published on Stanford University’s website.
Various crypto websites, including Blockchain.com, were affected by this vulnerability. However, Blockchain.com has since addressed the issue by adding more randomness to the random number generator. This vulnerability is not entirely new, as discussions about it date back to 2013, highlighting the need for improved security measures in crypto wallet generation.
Hot Take: Importance of Robust Security Measures in Crypto Wallets
This incident underscores the critical importance of robust security measures in crypto wallet generation. The exposure of such a significant vulnerability in a widely used library serves as a stark reminder of the risks associated with outdated or flawed software. Developers and users alike must prioritize thorough security assessments and ongoing vigilance to safeguard digital assets from potential threats.