A newly discovered vulnerability in the Libbitcoin Explorer 3.x library has resulted in more than $900k being stolen from Bitcoin holders. The vulnerability was identified by the blockchain security firm SlowMist which also highlighted that the vulnerability might also affect users of Ethereum, Ripple, Dogecoin, Solana, Litecoin, Bitcoin Cash, and others who use Libbitcoin to create accounts.
🚨SlowMist Security Alert🚨
Recently, #Distrust discovered a severe vulnerability affecting cryptocurrency wallets using the #Libbitcoin Explorer 3.x versions. This vulnerability allows attackers to access wallet private keys by exploiting the Mersenne Twister pseudo-random…
— SlowMist (@SlowMist_Team) August 10, 2023
Libbitcoin is a BTC wallet implementation that developers and validators use to create Bitcoin and other cryptocurrency accounts. SlowMist did not highlight which applications that use Libbitcoin are affected by the vulnerability. SlowMist stated that the cybersecurity team, Distrust, was initially the one who identified the vulnerability, which is now classified as the Milk Sad loophole. However, not too long after its discovery, it was reported to the CEV cybersecurity vulnerability database on Aug 7.
Digging Deep Into the Bitcoin Exploit
Libbitcoin Explorer has a faulty key generation problem that enables exploiters to guess private keys. As a result of this problem, exploiters correctly guessed private keys and managed to disappear with over $900k worth of crypto as of Aug 10.
SlowMist continued to exercise great importance toward the attack that siphoned away approximately 9.7441 BTC. However, the firm claims that it has blocked the address, which suggests that it might have reached out to different cryptocurrency exchanges to prevent the attacker from cashing out all of the stolen funds. Furthermore, the team also made it clear that it would continue monitoring the address in case these stolen funds are moved somewhere else.
The members of the Distrust team along with other freelancers who discovered the threat have created a website explaining the vulnerability. They explained that the loophole is created when users employ the bx seed command in order to generate a wallet seed. The researchers claimed to have stumbled upon the discovery of the loophole when a Libbitcoin user approached them to discuss the unexplainable disappearance of his BTC tokens. When reaching out to other users, it came to light that a number of them were already the victim of the same phenomenon.
Increased wallet vulnerabilities have continued to pose a continuous threat to crypto users so far in 2023. Over $100 million in funds were lost in the Atomic Wallet hack in June, which was acknowledged by the team. Furthermore, the cybersecurity certification platform, CER, released its wallet security rankings in July this year, which highlighted that six out of 45 wallet brands employ penetration testing in an effort to discover vulnerabilities.