The Crypto Times
Image default
News

MyCrypto Researcher Discovers Wallet Weakness That Issued One Key to Numerous Users

A vulnerability on a code running on wallet creator WalletGenerator.net was discovered by Harry Denley, a security researcher for MyCrypto. Denley explained in a recent blog post how the online crypto paper wallet creator ran on a code that caused pairs of private and public keys to be issued to numerous users.

Code Discrepancies

Denley said the code was reportedly running by August 2018 and was only fixed by May 23. The live code on the company’s site was alleged to be designed as open source and should be audited on GitHub. However, there were discrepancies found between them.

MyCrypto’s security researcher went over the live code and determined that the keys were created deterministically instead of randomly on the website’s live version.

120 out of 1,000 Unique Keys

In a test conducted May 18 to 23, MyCrypto tried to utilize WalletGenerator’s bulk generator to create 1,000 keys. The GitHub version came back with 1,000 distinct keys while the live code only returned with 120 keys. They ran the generator several times and it always returned with 120 keys instead of the expected 1,000 unique keys even after other factors were changed, including the user, VPN and browser refreshes.

Randomness is required to create the unique pairings needed to ensure the security of the paper wallets.

WalletGenerator has reportedly resolved the determinism issue after MyCrypto discussed the problem with the company even while it was still in the midst of its research. The wallet creator was said to have claimed that MyCrypto’s allegations couldn’t be verified and even asked if the company was a “phishing website.”

Related posts

Low Voter Turnout Holds up MakerDAO’s Move to Enforce 2% Reduction in DAI Stability Fee

Viena Abdon

Hacked Crypto Exchange Finds its Stolen Tokens on Overseas Platforms

Viena Abdon

Ripple Q2 Report Revealed Company Sold More Than $251 Million XRP

Viena Abdon

Facebook Updates Guideline on Crypto Materials, Blockchain Advertisements

Sierra Sanders

Poloniex Margin Lenders Lose $13.5 Million to Severe Price Crash

Viena Abdon

Ex- CFTC Head Says Crypto Market Needs to be Regulated to Grow and Safeguard Consumers

Sierra Sanders