Home » Blog » New 0-day vulnerabilities caught up

New 0-day vulnerabilities caught up

Two 0-day vulnerabilities (Bitforge) have been detected recently. They allow hackers to drain cryptocurrency from popular wallets in mere seconds.

So-called Zero-day vulnerabilities belong to one of the most tricky and dangerous vulnerability types, because they emerge unexpectedly, and there are no patches or at least detection strategies at hand.. They can pop up anywhere, at any time, and are very frequently exploited for malicious attacks.

The new â€˜hidden stoneâ€™ is called Bitforge. Owing to it. usersâ€™ funds vanish faster than hopes for exchange rate stability.

There are actually two 0-day vulns concerning the implementation of widely used cryptographic protocols GG-18, GG-20 and Lindell17. They affect the most popular crypto wallets, including Coinbase, ZenGo and Binance and open a backdoor for hackers to clear them up in mere seconds. No interaction with users is needed. A cryptography investigation team first spotted this kind of issue in May 2023 and granted it the name it has now. Then the word â€˜BitForgeâ€™ appeared in an analystsâ€™ presentation at BlackHat with two exploits published for testing PoC for each of three protocols at GitHub.

The first vulnerability (called CVE-2023-33241 CVSS: 9.6) affects Threshold Signature Schemes (or TSS) of GG-18 and GG-20 protocols, which allow several parties to generate keys and sign transactions together, a core feature in multi-party computation (or MPC) wallets infrastructure. Using certain parameters, an attacker can send a specially created message to extract key fragments in 16-bit blocks and get the whole wallet key in 16 attempts.
The second vulnerability (named CVE-2023-33242 CVSS: 9.6) affects the Lindell17 protocol (2PC) and is somewhat alike the previous one, with the difference that 256 attempts are needed to extract the key. The core problem lies in 2PC protocol implementation, but not within the protocol itself. The error may manifest in malfunctioning wallets with interrupted requests, when the user is forced to sign operations manually, leading to the disclosure of private key elements. The private key can be also compromised by means of specially created malicious messages.

Coinbase and ZenGo have already solved the problem, but Binance and dozens of other wallets have remained vulnerable so far, according to Fireblocks research. Fireblocks have created a tool for project state testing to find out if projects in question are vulnerable due to the wrong protocol implementation.

previous post

August 8, 2023

Why It's Still Necessary to Audit Bitcoin Ordinals (Even Though They Don't Have Smart Contracts)

As Ordinals blaze a trail in the Bitcoin community, shattering daily inscription records, for instance, in April 2023 with a torrent of multimedia content, one can’t help but wonder: Amidst the buzz, are we overlooking the vulnerabilities? Is this groundbreaking innovation truly as safe and sound as it appears? Bitcoin Ordinals, what is this? A genuine and insightful approach to create non-fungible tokens in the Bitcoin Network. Bitcoin ...

Read more
next post

August 26, 2023

The role of non-custodial wallets in managing and securing cryptocurrency assets

There are two types of wallets involved in digital financial transfers, custodial and non-custodial. The main difference is based on the key storage method. Custodial wallets store and backup private keys automatically, which is rather convenient for users, who have just signed in to get access to the wallet. Non-custodial wallets allow the user to take care of their private keys by themselves. As soon as the wallet is created, its owner ...

Read more