New 0-day vulnerabilities caught up
August 12, 2023

Two 0-day vulnerabilities (BitForge) have been detected recently. They allow hackers to drain cryptocurrency from popular wallets in mere seconds.

So-called zero-day vulnerabilities are among the trickiest and most dangerous vulnerability types, because they emerge unexpectedly and there are no patches, or even detection strategies, at hand. They can pop up anywhere, at any time, and are very frequently exploited for malicious attacks.

The new ‘hidden stone’ is called BitForge. Owing to it, users’ funds vanish faster than hopes for exchange rate stability.

There are actually two 0-day vulnerabilities, both concerning implementations of the widely used cryptographic protocols GG-18, GG-20 and Lindell17. They affect the most popular crypto wallets, including Coinbase, ZenGo and Binance, and open a backdoor for hackers to empty them in mere seconds. No interaction with users is needed. A cryptography research team first spotted this kind of issue in May 2023 and gave it its current name. The word ‘BitForge’ then appeared in an analysts’ presentation at BlackHat, with two exploits published on GitHub as testing PoCs for each of the three protocols.

  • The first vulnerability (CVE-2023-33241, CVSS 9.6) affects the Threshold Signature Schemes (TSS) of the GG-18 and GG-20 protocols, which allow several parties to generate keys and sign transactions together, a core feature of multi-party computation (MPC) wallet infrastructure. Using certain parameters, an attacker can send a specially crafted message to extract key fragments in 16-bit blocks and recover the whole wallet key in 16 attempts.
  • The second vulnerability (CVE-2023-33242, CVSS 9.6) affects the Lindell17 protocol (2PC) and is similar to the previous one, except that 256 attempts are needed to extract the key. The core problem lies in the implementation of the 2PC protocol, not in the protocol itself. The error may manifest in malfunctioning wallets with interrupted requests, when the user is forced to sign operations manually, leading to the disclosure of private key elements. The private key can also be compromised by means of specially crafted malicious messages.

Coinbase and ZenGo have already fixed the problem, but Binance and dozens of other wallets have remained vulnerable so far, according to Fireblocks research. Fireblocks has created a tool that lets projects check whether they are vulnerable due to an incorrect protocol implementation.
