The Hidden Risk of Using A Bitcoin Wallet Created Before 2016
A $2 Billion Bitcoin Security Flaw That Was Uncovered by Chance Imagine having a Bitcoin wallet that is worth millions of dollars, but also vulnerable to a software flaw that could allow hackers to steal your coins. That is the nightmare scenario that many Bitcoin users may face if they are using wallets created before 2016.
This security flaw, dubbed Randstorm, was discovered by cryptocurrency startup Unciphered while they were helping a customer who had lost access to their wallet. The wallet was created on Blockchain.com, a popular platform that used BitcoinJS, a JavaScript library for Bitcoin transactions. Unciphered found out that BitcoinJS had a critical bug that affected wallets generated between 2011 and 2015.
This bug, combined with other factors such as API changes and architectural choices, made these wallets susceptible to attacks that could reveal their private keys. According to Unciphered, this flaw may have impacted around 1.4 million Bitcoin, which is equivalent to about $2 billion at the current market price.
If 3 to 5 percent of these wallets were compromised, the potential loss could range from $1.2 to $2.1 billion. Eric Michaud, co-founder of Unciphered, said that BitcoinJS was severely flawed until March 2014, and anyone using it directly faces a high risk of being hacked.