Hackers Exploiting ‘Bitmessage’ Zero-Day to Steal Bitcoin Wallet Keys

Haythem Elmir

Bitmessage developers have warned of a critical ‘remotely executable’ zero-day vulnerability in the PyBitmessage application that was being exploited in the wild.

Bitmessage is a peer-to-peer (P2P) communications protocol used to send encrypted messages to users. Because it is decentralized and trustless, users need not inherently trust any entities such as root certificate authorities.

For those unaware, PyBitmessage is the official client for the Bitmessage messaging service.

According to Bitmessage developers, a critical zero-day remote code execution vulnerability, described as a message encoding flaw, affects PyBitmessage version 0.6.2 for Linux, Mac, and Windows and has been exploited against some of their users.

“The exploit is triggered by a malicious message if you are the recipient (including joined chans). The attacker ran an automated script but also opened, or tried to open, a remote reverse shell,” Bitmessage core developer Peter Šurda explained in a Reddit thread.

“The automated script looked in ~/.electrum/wallets [Electrum wallets], but when using the reverse shell, he had access to other files as well. If the attacker transferred your Bitcoins, please contact me (here on Reddit).”

Moreover, hackers also targeted Šurda. Since his Bitmessage addresses were most likely considered to be compromised, he advised users not to contact him at that address.

“My old Bitmessage addresses are to be considered compromised and not to be used,” Šurda tweeted.

Šurda believes that the attackers exploiting this vulnerability to gain remote access are primarily looking for the private keys of Electrum bitcoin wallets stored on the compromised device, which they could have used to steal bitcoins.

https://thehackernews.com/2018/02/bitmessage-bitcoin-hackers.html
