Android-based Bitcoin wallets upgraded after cryptography flaw and security problems

Like Bitcoin Examiner reported three days ago, when the security vulnerability that was affecting Android-based wallets was made public, some cryptocurrency wallets have been updated.

This flaw allowed attackers to steal the virtual currency from users of the Bitcoin Wallet, Blockchain wallet, Mycelium Bitcoin Wallet and BitcoinSpinner. But now the problem has been fixed, as promised in the beginning of the week.

The big problem was caused by an Android component, the Java SecureRandom, which generates random numbers to create private keys. In some cases, the users noticed the numbers were the same and that was compromising the security of the transactions. This could allow an attacker to determine someone’s private key and steal their Bitcoins, something that actually happened: more than 55 BTC were stolen before the users could notice the vulnerability.

At the time, all the Bitcoiners using one of these wallets were advised to rotate their addresses as soon as possible, as well as update their systems.

On Tuesday (13), the security vendor Symantec wrote that the same kind of random number generator vulnerability “was previously used to break the security of other products, such as the PlayStation 3 master key”. Because of this, tens of thousands of other Android applications became vulnerable.


Bitcoin Video Crash Course 

Dummy-proof explainer videos enjoyed by over 100,000 students. One email a day for 7 days, short and educational, guaranteed.

We hate spam as much as you do. You can unsubscribe with one click.

Comments are closed.