- The information security company Distrust reports that a combined sum of no less than $900,000 was illicitly taken across various blockchain networks.
- Cyber attackers successfully leveraged a weakness within the Libbitcoin Explorer, which is an open-source command-line utility or textual interface employed by Bitcoin developers for generating cryptographic keys and interacting with the blockchain.
In 2011, merely two years after the inception of Bitcoin, Amir Taaki, a British-Iranian anarchist developer, along with a collective of open-source coders, introduced an alternative to Bitcoin Core. Bitcoin Core was the first, and remains the predominant, way of interfacing with the Bitcoin network.
The alternative software solution, known as Libbitcoin, has since transformed into a comprehensive collection of tools, functioning as a library that serves essential purposes such as interacting with the Bitcoin blockchain and creating cryptographic keys.
It was also showcased in the widely recognized and perhaps authoritative book "Mastering Bitcoin," authored by the prominent Bitcoin educator Andreas Antonopoulos.
However, with approximately $900,000 mysteriously vanishing from different user wallets in recent months, the assumption that Libbitcoin was secure has proven false.
This is the unfolding narrative as per a report on milksad.info. The report outlines the sequence of events in the recent saga, chronicling the discoveries made by Distrust, a cybersecurity company that stumbled upon the vulnerability in July. They were aided in their efforts by a coalition of self-reliant contributors.
In May, hackers initiated a covert operation to siphon funds from unsuspecting users. Their strategy involved exploiting a lesser-known vulnerability within several wallets created by the Libbitcoin explorer, known as BX.
The security flaw earned the moniker "Milk Sad" as the vulnerability led to the initial two words in a wallet recovery seed phrase being "milk" and "sad," according to the provided report.
The largest theft occurred on July 12, involving 29.65 bitcoins (BTC), which is valued at approximately $870,000 according to current exchange rates. Distrust reports that a combined sum of at least $900,000 was illicitly acquired across various blockchain platforms. This encompassed several of the approximately 2,600 bitcoin wallets that fell victim to this vulnerability.
While hardware wallets such as Trezor and Ledger appear to have emerged unharmed, several wallets remain vulnerable, and the complete amount of funds that have been misappropriated is still "awaiting assessment," as stated in a tweet dated August 8th by Anton Livaja, a member of the Distrust team.
BX introduces a text command called "bx seed," which utilizes the developer's computer clock to generate a seed phrase for wallet creation.
Crypto software generates random sequences of 12 to 24 words, known as seed phrases, for users seeking to restore or regain access to their wallets in the event of unexpected loss.
However, when the BX technique is used, the resulting phrase lacks the desired level of randomness. As stated in the report, even “a decent gaming PC can do a brute-force search,” meaning it can attempt all conceivable word combinations for a user's seed phrase “in less than a day.”
“Think of this as securing your online bank account with a password manager that creates a long random password,” the report states. “But it often creates the same passwords for every user. Malicious people have figured this out and drained funds on any account they can find.”
Ethereum, Zcash, Solana, Dogecoin affected
Milk Sad's reach extends beyond Bitcoin. Ethereum, Zcash, Solana, and even Dogecoin are among the eight impacted blockchains. Similar, though not identical, weaknesses have also been identified in Cake Wallet and Trust Wallet, both of which are multi-chain wallet applications.
Usually, seed phrases are generated with a tool that draws from a vast "key space" of distinct word combinations, whose size is measured in bits: two to the power of 128, 192, or 256 possibilities, an astonishingly large number.
BX has a paltry 32-bit key space which can only yield about 4.3 billion unique word combinations. “That’s not as many combinations as it sounds,” according to the report.
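The key-space collapse described above, as an added example that is not code from BX, Libbitcoin or the report. `weak_entropy` is a hypothetical stand-in for any generator seeded from a 32-bit clock value (it does not reproduce BX's output), the clock value and guess rate are constructed, and `is_clock_determined` is a check a wallet developer could run against an entropy source.

```python
import random
import secrets

SEED_BITS = 32       # seed width stated in the report
ENTROPY_BYTES = 16   # 128 bits of entropy, enough for a 12-word seed phrase


def weak_entropy(clock_value: int) -> bytes:
    """Hypothetical clock-seeded generator (not BX's algorithm).

    The clock value is truncated to 32 bits and everything after that is
    deterministic, so at most 2**32 distinct outputs can ever exist.
    """
    rng = random.Random(clock_value & (2**SEED_BITS - 1))
    return bytes(rng.getrandbits(8) for _ in range(ENTROPY_BYTES))


def strong_entropy() -> bytes:
    """Corrected form: all 128 bits come from the operating system's CSPRNG."""
    return secrets.token_bytes(ENTROPY_BYTES)


def is_clock_determined(generator, clock_values) -> bool:
    """Defender check: call the generator twice per frozen clock value.

    If every pair matches, the output is a pure function of the clock and
    the effective key space is bounded by the seed width, not the output size.
    """
    return all(generator(c) == generator(c) for c in clock_values)


def keyspace(bits: int) -> int:
    """Number of distinct values a seed of the given width can take."""
    return 2 ** bits


def days_to_enumerate(bits: int, guesses_per_second: float) -> float:
    """Time to walk the whole key space at an assumed guess rate."""
    return keyspace(bits) / guesses_per_second / 86400


if __name__ == "__main__":
    frozen_clock = 1689120000  # constructed sample timestamp
    print("same tick, same entropy:",
          weak_entropy(frozen_clock) == weak_entropy(frozen_clock))
    print("weak source flagged:", is_clock_determined(weak_entropy, [0, 1, frozen_clock]))
    print("OS source flagged:", is_clock_determined(lambda c: strong_entropy(), [0, 1, 2]))
    rate = 100_000  # assumed guesses per second, for illustration only
    print(f"32-bit space:  {keyspace(32):,} values, {days_to_enumerate(32, rate):.2f} days")
    print(f"128-bit space: {days_to_enumerate(128, rate):.2e} days")
```

The output is 128 bits long in both cases; only the number of bits that went into it differs, which is why the length of a seed phrase says nothing about its strength.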
Eric Voskuil, the head developer at BX, conceded the insecurity of the seed generator while maintaining that there were no flaws in the software. He contended that the misuse of the "bx seed" text command was the issue. In support of his stance, he shared a screenshot of the application's GitHub documentation, which explicitly cautions developers about the vulnerability.
“This is not a bug in BX or Libbitcoin,” Voskuil tweeted. “It is reckless wallet development.”
Multiple experts in the Bitcoin community held a contrasting viewpoint.
“The case is crystal-clear,” tweeted Tim Ruffing, cryptographer at Bitcoin infrastructure firm Blockstream. “It's your bug, period.”