Feed for tag: vulnerability
Electrum Fishing Scheme Warning

A fishing malware scheme has been spotted targeting electrum wallet users. Electrum users are advised to read the warning explainer that has been setup here.

Users of many versions of Electrum released may see messages as pictured when attempting to send a transaction with their wallet. The message, or some variation of, purports that a security update is required to continue.

This is not the case.

The message is generated by the server you are connected to, and contains a link to a malicious modification of the wallet which, if installed, will result in the immediate theft of all of your money. If you install any software shown in a message such as this you have no recourse to recover your funds.

Bitcoin Core 0.16.3 released fixes denial-of-service vulnerability
IMPORTANT The bug fixed in 0.16.3 is more severe than was previously made public. Full node users are advised to upgrade as soon as possible to Bitcoin Core 0.16.3. The releases can be found on bitcoin core website. Make sure to verify the binaries before using them. Stored funds are not at risk, there is however a small probability for a chainsplit. In the event of a chainsplit, transactions could be reversed even after a long time after they were fully confirmed.
Trezor One Firmware Update

Recently a physical attack vector on the Trezor One hardware wallet was disclosed by a security researched called Sunny, Trezor was quick to release a firmware update 1.6.1 but the researcher realized that another attack vector of the same type was possible so SatoshiLabs released the new firmware update 1.6.3 on the 30th of August.

Trezor comes with a tamper-evident seal and the attack vector only affects tampered devices, so if you bought your Trezor used or if it came with the seal broken, make sure you update the firmware first then set it up. If you’re updating an older Trezor, make sure to have the correct recovery seed on hand as you’ll need it to set it up.

The newest firmware verifies the authenticity of the bootloader in the device. The bootloader checks the signature of the firmware. If both are genuine, your device will not display a warning, and therefore your Trezor is safe to use.

Source

Getting around to fixing the timewarp attack

A timewarp attack on Bitcoin allows malicious miners to game the timestamp system to allow them to increase the rate of block generation beyond what the blockchain meant it to be. This attack has been possible since 2012 and was demonstrated on the testnet.

This was dismissed as an unimportant issue for the past few years as it requires the majority of hashrate and is easily blocked once someone starts using it.

Vulnerabilities in Numerous Javascript Cryptographic Libraries

Some concerns were raised on bitcoin-dev regarding potential vulnerabilities with some Javascript based crypto applications, more precisely the use of SecureRandom() function which collects entropy and includes a PRNG (Pseudo Random Number Generator).

TL;DR

The conclusion seems to be that at least all wallets generated by js tools inside browsers since bitcoin exists until 2011 are impacted by the Math.random weakness if applicable to the related implementations, the Math.random or RC4 (Chrome) weakness between 2011 and 2013, and RC4 weakness for Chrome users until end of 2015

Electrum Vulnerability
On 2017-11-24 an issue was posted to the Electrum repository. Open source code that exposed the mnemonic seed generated when creating a new Electrum wallet, had remained unchecked since the software’s inception. By default, Electrum enabled a JSON RPC server, which opened a random port and could be accessed over the internet (specifically by a website looking to steal seeds).