JavaScript SecureRandom() Function Exposes Bitcoin Wallets

Researchers have discovered a vulnerability residing in the JavaScript SecureRandom() function used for generating random Bitcoin addresses and their corresponding private keys.

The flaw makes old Bitcoin addresses generated in the browser or via JS-based wallet applications vulnerable to brute-force attacks. As a result, attackers can get access to users’ wallets and steal their cryptocurrency funds.

JavaScript SecureRandom() Library Not Securely Random

“Cryptography is profoundly unforgiving of errors. You don’t mess with it. You don’t roll your own — you need battle-hardened algorithms that have been torture-tested by the most technically ruthless cryptographers you can find,” said the researchers who reported the issue.

On top of that, they added, “the popular JavaScript SecureRandom() library isn’t securely random”.

The issue stems from the function not generating random data as it is supposed to.

The function will generate cryptographic keys that, despite their length, have less than 48 bits of entropy: the key will have no more than 48 bits of entropy even if its seed has more than that, the researchers added.

SecureRandom() then runs the number it gets through the obsolete RC4 algorithm, which is known to be more predictable than it should be, i.e. it yields fewer bits of entropy. As a result, your key is more predictable.

All of the above means that the Bitcoin addresses generated through the SecureRandom() function are prone to brute-force attacks that may reveal the user’s private key. If that happens, the user’s funds may be stolen.
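The entropy bound described above, as an added example that is not code from the SecureRandom() library or from the researchers: a key expanded through RC4 from a small seed can take only as many values as the seed can, however long the key is. The 12-bit seed and all function names are constructed for the demonstration; `strongKey()` shows the corrected pattern, drawing every byte from the platform CSPRNG.

```javascript
// Added illustration; not the SecureRandom() library's code.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const toHex = (bytes) => Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');

// Textbook RC4: key scheduling, then n bytes of keystream.
function rc4Keystream(keyBytes, n) {
  const S = Array.from({ length: 256 }, (_, i) => i);
  for (let i = 0, j = 0; i < 256; i++) {
    j = (j + S[i] + keyBytes[i % keyBytes.length]) & 255;
    [S[i], S[j]] = [S[j], S[i]];
  }
  const out = new Uint8Array(n);
  for (let k = 0, i = 0, j = 0; k < n; k++) {
    i = (i + 1) & 255;
    j = (j + S[i]) & 255;
    [S[i], S[j]] = [S[j], S[i]];
    out[k] = S[(S[i] + S[j]) & 255];
  }
  return out;
}

// Constructed seed size, scaled down from the article's "less than 48 bits".
const SEED_BITS = 12;

// Weak pattern: a 256-bit key that is a pure function of a small seed.
function weakKeyFromSeed(seed) {
  const seedBytes = Uint8Array.of(seed & 255, (seed >> 8) & 255);
  return toHex(rc4Keystream(seedBytes, 32));
}

// Number of different keys the weak generator can ever emit.
function weakKeyspaceSize() {
  const seen = new Set();
  for (let seed = 0; seed < 2 ** SEED_BITS; seed++) seen.add(weakKeyFromSeed(seed));
  return seen.size;
}

// Corrected pattern: all 32 bytes come from the platform CSPRNG.
function strongKey() {
  return toHex(webcrypto.getRandomValues(new Uint8Array(32)));
}

console.log('weak key length in bits:', weakKeyFromSeed(1).length * 4);
console.log('distinct weak keys:', weakKeyspaceSize(), '(2^' + SEED_BITS + ', not 2^256)');
console.log('CSPRNG key:', strongKey());
```

The weak key looks like 256 bits of randomness, yet the generator can only ever produce 2^12 different values; the same reasoning caps the affected wallets' keys at the entropy of their seed.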

Who is affected?

Apparently, all wallets generated by JS tools within browsers are impacted, the researchers clarified: from the beginning of Bitcoin until 2011, by the Math.random weakness, if applicable to the related implementations; between 2011 and 2013, by the Math.random or RC4 (Chrome) weakness; and, for Chrome users, by the RC4 weakness until the end of 2015.

In other words, these keys will be easy to crack with a brute-force attack.

The flaw affects users if they use old crypto addresses generated via JavaScript within the browser. If this is the case, users should immediately move their funds away from these wallets.

The following are likely affected:

– BitAddress pre-2013;
– bitcoinjs before 2014;
– current software that uses old repos found on GitHub.

Recent JavaScript-generated addresses probably aren’t affected, researchers say. However, JavaScript is not the best way to generate keys, so it is best if users migrate their funds.

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.
