Libbitcoin, a popular Bitcoin wallet implementation used by developers and validators, has recently been compromised, leading to the theft of close to $1 million from Bitcoin users, according to reports. This vulnerability was discovered by the blockchain security firm SlowMist, who investigated the Libbitcoin Explorer 3.x library and found that more than $900,000 had already been stolen from Bitcoin users. It is not just Bitcoin users who are at risk, however, as users of other cryptocurrencies such as Ethereum, Dogecoin, Ripple, Solana, Bitcoin Cash, Litecoin, and Zcash who also use Libbitcoin for their accounts are advised to transfer their funds to secure wallets immediately.
The vulnerability in Libbitcoin stems from the flawed implementation of the pseudo-random number generator (PRNG) in the Libbitcoin Explorer 3.x versions. The implementation used the Mersenne Twister algorithm and only used 32 bits of system time as the seed for generating private keys. This makes it relatively easy for threat actors to brute force the private keys of users, as they would only need a few days to do so.
While Libbitcoin is used by several platforms such as Airbitz, Cancoin, and Blockchain Commons, it is unclear whether these platforms have been affected by the vulnerability. SlowMist suggests that all users of Libbitcoin Explorer 3.x versions should immediately stop using the affected wallets and transfer their funds to secure wallets. They also emphasize the importance of using verified and secure random number generation methods to generate new wallets.
According to a report found on the CVE cybersecurity vulnerability database, the Libbitcoin Explorer had a faulty key generation mechanism, making it easier for threat actors to guess private keys. In one attack, hackers managed to steal 9.7441 BTC ($278,318). To prevent the attacker from withdrawing the funds, measures were taken to contact exchanges promptly.
Related Post
A team of researchers from Distrust discovered the vulnerability. They found that the “bx seed” command, which is used to generate a wallet seed, often generates the same seed for multiple individuals due to insufficient randomness. The discovery began when a Libbitcoin user reported the mysterious disappearance of their Bitcoin on July 21. It was later revealed that multiple users had experienced the same issue.
In response to these concerns, Eric Voskuil, a member of the Libbitcoin Institute, clarified that the “bx seed” command is not intended for use in production wallets but rather as a convenience for demonstrating behavior that requires entropy. He acknowledged that if people used it for production key seeding, the warning against doing so was not sufficient. In the coming days, changes will be made to either remove the command entirely or enhance the warning against using it in production environments.
This incident highlights the ongoing issue of wallet vulnerabilities leading to significant losses in the cryptocurrency industry. In June, the hack of Atomic Wallet resulted in the theft of approximately $100 million. Many of these incidents can be attributed to negligence on the part of wallet providers. A recent cybersecurity certification report revealed that only six out of 45 wallet brands used penetration testing to uncover vulnerabilities.
In conclusion, the compromising of Libbitcoin, a popular Bitcoin wallet implementation, has put the funds of several cryptocurrency users at risk. The vulnerability in the Libbitcoin Explorer 3.x versions allowed threat actors to steal close to $1 million from Bitcoin users. Users of other cryptocurrencies who rely on Libbitcoin for their accounts are also advised to transfer their funds to secure wallets. This incident highlights the importance of rigorous security measures and vulnerability testing in the cryptocurrency industry to protect users’ assets.
