Libbitcoin Explorer Vulnerability Leads to Major Crypto Theft

Major Security Flaw in Libbitcoin Explorer

A critical vulnerability in the Libbitcoin Explorer 3.x library has led to the theft of over $900,000 from Bitcoin users. This flaw may also affect other digital currencies like Ethereum, Ripple, Dogecoin, Solana, Litecoin, Bitcoin Cash, and Zcash, which utilize Libbitcoin for account creation.

Impact on Wallet Applications

Libbitcoin is employed by various applications such as Airbitz, Bitprim, Blockchain Commons, and Cancoin. However, the specific applications impacted by this vulnerability have not been disclosed. The security breach, termed "Milk Sad," was identified by the cybersecurity team Distrust and involves a malfunction in the key generation process, allowing attackers to predict private keys.

Exploitation and Response

Attackers leveraged this vulnerability to steal substantial amounts of cryptocurrency, including a notable single theft of $278,318. Efforts are underway to block the attacker's address and prevent the stolen funds from being cashed out, with ongoing monitoring for any movement of these assets.

Discovery and Recommendations

The issue came to light when a Libbitcoin user reported missing Bitcoin, prompting further investigation that revealed similar thefts among other users. The vulnerability stems from the "bx seed" command, which fails to generate sufficiently random wallet seeds, potentially leading to duplicate seeds across multiple users.

Addressing the Vulnerability

Eric Voskuil from the Libbitcoin Institute emphasized that the "bx seed" command is not meant for production use. Considerations are being made to either enhance the warning against its use or eliminate the command entirely. This incident highlights ongoing wallet vulnerabilities, with previous security breaches like the $100 million hack of Atomic Wallet underscoring the need for robust security measures in the crypto space.