BTC $68391.2648
ETH $3903.5878
BNB $602.2104
SOL $169.6992
stETH $3900.9124
XRP $0.5304
DOGE $0.1658
TON $6.4371
ADA $0.4594
AVAX $37.2673
wstETH $4559.6158
WETH $3916.3555
WBTC $68481.1744
LINK $18.2218
DOT $7.3902
TRX $0.1117
UNI $10.8218
BCH $471.3399
MATIC $0.7417
PEPE $0.0000
LTC $83.6866
FET $2.2538
ICP $12.1949
RNDR $10.0147
DAI $1.0008
CAKE $2.9711
weETH $4054.9217
NEAR $7.9068
IMX $2.3203
ETC $31.4395
APT $9.4947
ezETH $3874.8914
HBAR $0.1054
WIF $3.6835
MNT $1.0292
KAS $0.1409
FIL $5.9409
FDUSD $0.9999
GRT $0.3140
FLOKI $0.0003
STX $1.9947
TAO $425.0386
USDE $1.0012
ATOM $8.6347
OKB $47.1787
ENS $27.1095
XMR $143.4324
BTC $68391.2648
ETH $3903.5878
BNB $602.2104
SOL $169.6992
stETH $3900.9124
XRP $0.5304
DOGE $0.1658
TON $6.4371
ADA $0.4594
AVAX $37.2673
wstETH $4559.6158
WETH $3916.3555
WBTC $68481.1744
LINK $18.2218
DOT $7.3902
TRX $0.1117
UNI $10.8218
BCH $471.3399
MATIC $0.7417
PEPE $0.0000
LTC $83.6866
FET $2.2538
ICP $12.1949
RNDR $10.0147
DAI $1.0008
CAKE $2.9711
weETH $4054.9217
NEAR $7.9068
IMX $2.3203
ETC $31.4395
APT $9.4947
ezETH $3874.8914
HBAR $0.1054
WIF $3.6835
MNT $1.0292
KAS $0.1409
FIL $5.9409
FDUSD $0.9999
GRT $0.3140
FLOKI $0.0003
STX $1.9947
TAO $425.0386
USDE $1.0012
ATOM $8.6347
OKB $47.1787
ENS $27.1095
XMR $143.4324
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Due to the Randstorm vulnerability, 1.5 million bitcoins could be stolen.

    A new type of attack called Randstorm could potentially steal 1.5 million bitcoins, especially those made between 2011 and 2015. The Randstorm flaw is a result of bugs, bad design choices, and API changes that make the quality of random numbers generated by the web worse. Around 1.4 million bitcoins are believed to be in wallets made with weak cryptographic keys, which could support a creative space program for years.

    Unciphered discovered the Randstorm vulnerability in January 2022 while working for an unnamed client. The main reason for this vulnerability is the use of BitcoinJS, an open-source JavaScript library for creating browser-based cryptocurrency wallets. The exploit relies on the SecureRandom() function in the JSBN library, which was affected by cryptographic bugs in the way web browsers implemented the Math.random() function at the time. As of March 2014, BitcoinJS developers were no longer using JSBN.

    By brute force attacks, private keys can be used to get back the private keys of wallets made with the BitcoinJS library or projects that depend on it. The results highlight how flaws in core libraries used in open source projects can spread risks throughout the supply chain. In late 2021, a similar problem was seen with Apache Log4j.

    The security flaw is built into BitcoinJS wallets from the start, making them unfixable. If your wallet was made between 2011 and 2015, the only way to keep your money safe is to move it to a new wallet made with more up-to-date software.

    Author reign3d
    The Fall of a Crypto Titan: The Closure of Bittrex Global
    How scammers stole a million dollars from the crypto wallets of thousands of investors

    Comments 0

    Add comment