Millions of crypto wallets at risk due to overlooked code flaw
A tech entrepreneur’s forgotten Bitcoin password has led to the discovery of a significant security breach affecting millions of crypto wallets. This revelation, first reported by the Washington Post, highlights the latent risks in the booming digital currency sector.
Entrepreneur’s Quest to Recover $600,000 Bitcoin led him to Unciphered, an expert in recovering locked electronic funds. Although they were unable to access his wallet, their investigation revealed a major flaw in BitcoinJS, commonly used to generate wallet cryptographic keys.
Widespread impact on crypto wallet security
This flaw, resulting from insufficiently random key generation, constitutes a threat to a large number of wallets. Wallets created before March 2012 are particularly vulnerable and hold approximately $100 million in BTC. Average computer users could potentially hack these devices. Additionally, wallets created through the end of 2015, containing approximately $50 billion in BTC, are at risk, with at least 2% of them sensitive due to low randomness.
Eric Michaud, co-founder of Unciphered, highlighted the seriousness of the situation by saying: “BitcoinJS is terribly broken until March 2014. Anyone who uses it directly is at very high risk of attack. »
Efforts to mitigate risk
Following this discovery, Unciphered is alerting the public and urging wallet owners to move their funds to safer storage. They partnered with Blockchain.com to update and inform over 1.1 million users with at-risk wallets.
This event highlights the risks associated with digital currencies and highlights the need for enhanced security. As the cryptocurrency market grows, vigilant and proactive measures are essential to protect investors.
