BTC $57127.6948
ETH $2317.6865
BNB $533.4933
SOL $132.7078
XRP $0.5357
stETH $2342.4528
DOGE $0.1016
TRX $0.1532
TON $5.3155
ADA $0.3471
wstETH $2734.6891
AVAX $23.4381
WBTC $57159.0035
WETH $2329.2558
BCH $337.2948
LINK $10.4424
UNI $6.9097
DOT $4.1583
DAI $1.0000
LTC $61.7115
KAS $0.1672
ICP $8.6656
BSC-USD $0.9924
FET $1.3307
XMR $171.3137
CAKE $1.7281
PEPE $0.0000
APT $6.0999
ETC $18.5370
USDE $0.9987
FDUSD $0.9920
IMX $1.2573
SUI $0.9090
NEAR $3.9946
STX $1.5851
OKB $39.1991
RNDR $5.7781
AAVE $149.0399
POL $0.3764
FIL $3.6028
TAO $281.1944
XLM $0.0927
HBAR $0.0501
INJ $18.7793
MNT $0.5585
VET $0.0217
MATIC $0.3817
BTC $57127.6948
ETH $2317.6865
BNB $533.4933
SOL $132.7078
XRP $0.5357
stETH $2342.4528
DOGE $0.1016
TRX $0.1532
TON $5.3155
ADA $0.3471
wstETH $2734.6891
AVAX $23.4381
WBTC $57159.0035
WETH $2329.2558
BCH $337.2948
LINK $10.4424
UNI $6.9097
DOT $4.1583
DAI $1.0000
LTC $61.7115
KAS $0.1672
ICP $8.6656
BSC-USD $0.9924
FET $1.3307
XMR $171.3137
CAKE $1.7281
PEPE $0.0000
APT $6.0999
ETC $18.5370
USDE $0.9987
FDUSD $0.9920
IMX $1.2573
SUI $0.9090
NEAR $3.9946
STX $1.5851
OKB $39.1991
RNDR $5.7781
AAVE $149.0399
POL $0.3764
FIL $3.6028
TAO $281.1944
XLM $0.0927
HBAR $0.0501
INJ $18.7793
MNT $0.5585
VET $0.0217
MATIC $0.3817
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • Due to the Randstorm vulnerability, 1.5 million bitcoins could be stolen.

    A new type of attack called Randstorm could potentially steal 1.5 million bitcoins, especially those made between 2011 and 2015. The Randstorm flaw is a result of bugs, bad design choices, and API changes that make the quality of random numbers generated by the web worse. Around 1.4 million bitcoins are believed to be in wallets made with weak cryptographic keys, which could support a creative space program for years.

    Unciphered discovered the Randstorm vulnerability in January 2022 while working for an unnamed client. The main reason for this vulnerability is the use of BitcoinJS, an open-source JavaScript library for creating browser-based cryptocurrency wallets. The exploit relies on the SecureRandom() function in the JSBN library, which was affected by cryptographic bugs in the way web browsers implemented the Math.random() function at the time. As of March 2014, BitcoinJS developers were no longer using JSBN.

    By brute force attacks, private keys can be used to get back the private keys of wallets made with the BitcoinJS library or projects that depend on it. The results highlight how flaws in core libraries used in open source projects can spread risks throughout the supply chain. In late 2021, a similar problem was seen with Apache Log4j.

    The security flaw is built into BitcoinJS wallets from the start, making them unfixable. If your wallet was made between 2011 and 2015, the only way to keep your money safe is to move it to a new wallet made with more up-to-date software.

    Author reign3d
    The Fall of a Crypto Titan: The Closure of Bittrex Global
    How scammers stole a million dollars from the crypto wallets of thousands of investors

    Comments 0

    Add comment