Cryptanalysis

Padding Oracle Attack on Wallet.dat password decryption for the popular wallet Bitcoin Core

In this article, we will use the classification of common attack patterns from the cybersecurity resource [CAPEC™] . The “Padding Oracle Attack” was first discussed on Wallet.dat back in 2012 (on the vulnerability management and threat analysis platform “VulDB” ) . The problem of the most popular Bitcoin Core wallet affects the work  AES Encryption Paddingin the file Wallet.dat The technical details of this attack are known: https://en.wikipedia.org/wiki/Padding_oracle_attack An attacker can effectively decrypt…

DUST ATTACK blockchain transaction with confirmation of isomorphism for a total amount of 10000 BTC

In this article we will cover a broad topic: “Dust Attack” known as: "Dusting Attack"or "Crypto Dust". Perhaps every cryptocurrency user or holder of a large amount of BTC, ETH coins replaced the receipt of an insignificantly small amount of coins in satoshi on their cryptocurrency wallet , this receipt is disguised as "Donate", but in fact it is a whole mathematically refined system for taking…

How to find a private key in binary code from Bitcoin Lightning Wallet Vulnerability in Quasar Framework

In this article, we will focus on a smartphone application iOS and Android the popular Bitcoin Wallet that supports fast payments through (Lightning network) BLW: Bitcoin Lightning Wallet . Unfortunately, many autonomous nodes of the open source mobile application from LNbits Node Manager and Core Lightning are exposed to a HIGH RISK of losing all funds in various cryptocurrency coins. Developer David Shares from the Japanese company Bitcoin Portal has published many documents .…

Milk Sad vulnerability in the Libbitcoin Explorer 3.x library, how the theft of $900,000 from Bitcoin Wallet (BTC) users was carried out

Slowmist researchers conduct regular research into the security of the Bitcoin blockchain . They disclosed a vulnerability in the Libbitcoin Explorer 3.x library , which allowed attackers to steal more $ 900 000 from Bitcoin Wallets ( BTC ) users. According to analysts, this vulnerability may also affect users  Ethereum, Ripple, Dogecoin, Solana, Litecoin, Bitcoin Cash и Zcash,who use it Libbitcoin to create accounts. Researchers gave the code name for this vulnerability " Milk Sad " Было…

ShellShock Attack vulnerability on “Bitcoin” & “Ethereum” server discovered in GNU Bash cryptocurrency exchange

In this article we will look at a series of web server software vulnerabilities discovered in the  GNU Bash program  . Many Internet services , including Bitcoin blockchain web servers, use Bash to process some requests, for example when executing  CGI scripts . The vulnerability allows an attacker to execute arbitrary commands by gaining unauthorized access to computer systems, which allows the attacker to extract private…

Phenomenon from Blockchain Cryptocurrency Solidity Vulnerable Honeypots

Following the article: “Solidity Forcibly Send Ether Vulnerability to a Smart Contract continuation of the list of general EcoSystem security from attacks”. In this article, we will continue this topic related to vulnerabilities and traps. In the process of cryptanalysis of various cryptocurrencies, we are increasingly getting loopholes and backdoors. Honeypots work by luring attackers with a balance stored…

Solidity Forcibly Send Ether Vulnerability to a Smart Contract continuation of the list of general EcoSystem security from attacks

Earlier we touched on the topic: "Improving the overall security of the ecosystem from attacks on smart contracts". In this article, we will continue to develop this painful topic of ecosystem security. Occasionally, it is unwanted for users to be able to send Ether to a smart contract. Unfortunately for these circumstances, it's possible to bypass a…

ChatGPT as artificial intelligence gives us great opportunities in the security and protection of the Bitcoin cryptocurrency from various attacks

Bitcoin is an example of a decentralized network. There are no people or organizations that control it. This is part of its architecture. For many, the creation of Bitcoin Cash under the pretext that blocks with more memory would be beneficial is seen by most of the community as an example of an attack on decentralization. dependency on the stakeholder network…