Cryptopolitan
2025-10-18 06:51:12

Over 120,000 Bitcoin private keys were exposed through a flaw in Libbitcoin Explorer’s random-number generator

A newly uncovered vulnerability in a widely used open-source Bitcoin library has led to the exposure of more than 120,000 private keys, according to a report by crypto wallet provider OneKey. The flaw was traced back to the Libbitcoin Explorer (bx) 3.x series, which allowed attackers to predict wallet private keys generated through insecure random number methods. According to OneKey’s insight published on X late Friday, Libbitcoin Explorer (bx) 3.x is a command-line utility long used to create Bitcoin wallets offline. The software uses the Mersenne Twister-32 pseudo-random number generator (PRNG), which seeds randomness using only the system time. The seed space was limited to 2³² possible values, which helped hackers easily predict the random numbers and brute-force wallet private keys. Anyone aware of when a wallet was generated could reconstruct the same sequence of random numbers and, in turn, derive the private key to access an address’s funds. OneKey analysis on the extent of affected wallets According to the crypto wallet service provider, the issue has been confirmed to affect several wallet implementations that integrated Libbitcoin Explorer or its dependent components, including Trust Wallet Extension versions 0.0.172 through 0.0.183, and Trust Wallet Core versions up to 3.1.1, bar the patched 3.1.1 release. OneKey, citing an analysis by security researchers, discovered that the security flaw arose from the PRNG’s dependence on predictable entropy. Attackers could reproduce identical private keys for wallets generated at specific timestamps. The small seed space and predictable nature of the Mersenne Twister-32 algorithm made it feasible for malicious actors to automate the process and compromise several wallets. OneKey explained that the flaw may have contributed to previous mysterious fund losses in incidents like the “Milk Sad” case, where victims reported seeing their wallets drained, despite using air-gapped systems for security. The ‘Milk Sad’ connection did not affect OneKey wallets The Milk Sad investigation, which began earlier this year, revealed that victims had generated their wallets on air-gapped Linux laptops using commands in Libbitcoin Explorer. In each case, users relied on bx to produce their 24-word BIP39 mnemonic phrases in the belief that the tool made the randomness sufficient. One command sequence used during wallet generation was bx seed -b 256 | bx mnemonic-new. It generated 256 bits of entropy, which were then converted into a 24-word mnemonic phrase. Due to the flawed random number generator, the supposedly secure mnemonics were in fact predictable. Although the Milk Sad victims created their wallets years apart, investigators found each used the same version of Libbitcoin Explorer, which unknowingly generated weak private keys. In its report, OneKey stated that the vulnerability in Libbitcoin Explorer does not compromise the security of mnemonic or private keys in its wallets. The company’s investigation confirmed that its devices and software use a cryptographically secure RNG that meets international security standards. “All new-generation hardware wallets have Secure Elements (SE) with built-in True Random Number Generators (TRNGs) for key creation. The components are hardware-based and hold EAL6+ certification, levels of security that are recognized globally,” the hardware and cold wallet company confirmed. Software wallet vulnerability assessment OneKey also conducted an assessment of its software products, noting that the Desktop and Browser Extension versions utilize a Chromium-based WebAssembly (WASM) PRNG interface. The interface operating system uses a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG) as the entropy source, which is the same standard used in modern browsers and secure software systems. OneKey said its Android and iOS wallets have system-level CSPRNG APIs built into the operating systems themselves. The wallet service’s security team reiterated that the randomness quality in wallet generation directly depends on the integrity of the device and software environment. “If the operating system, browser kernel, or device hardware is compromised, the entropy source could be weakened,” it wrote. The firm has advised users to choose hardware wallets if they plan to store coins for the long term, to minimize the risk of exposure. It also warned them not to import mnemonic phrases generated by software wallets into hardware wallets. If you're reading this, you’re already ahead. Stay there with our newsletter .

La maggior parte ha letto le notizie

Notizie correlate

Ricevi la newsletter di Crypto
Leggi la dichiarazione di non responsabilità : Tutti i contenuti forniti nel nostro sito Web, i siti con collegamento ipertestuale, le applicazioni associate, i forum, i blog, gli account dei social media e altre piattaforme ("Sito") sono solo per le vostre informazioni generali, procurati da fonti di terze parti. Non rilasciamo alcuna garanzia di alcun tipo in relazione al nostro contenuto, incluso ma non limitato a accuratezza e aggiornamento. Nessuna parte del contenuto che forniamo costituisce consulenza finanziaria, consulenza legale o qualsiasi altra forma di consulenza intesa per la vostra specifica dipendenza per qualsiasi scopo. Qualsiasi uso o affidamento sui nostri contenuti è esclusivamente a proprio rischio e discrezione. Devi condurre la tua ricerca, rivedere, analizzare e verificare i nostri contenuti prima di fare affidamento su di essi. Il trading è un'attività altamente rischiosa che può portare a perdite importanti, pertanto si prega di consultare il proprio consulente finanziario prima di prendere qualsiasi decisione. Nessun contenuto sul nostro sito è pensato per essere una sollecitazione o un'offerta