LATTICE ATTACK 249bits we solve the problem of hidden numbers using 79 signatures ECDSA

In our earliest work, we published an article on the topic “LATTICE ATTACK” as a complete solution to the HNP [Hidden Number Problem] , but with the recent emergence of a new attack “POLYNONCE ATTACK” , we decided to supplement the article using 79 signatures ECDSA. Based on the previous article, where we took the polynomial 128 bitsand with the actual increase in the number…

POLYNONCE ATTACK we use BITCOIN signatures as a Polynomial to an arbitrarily high power of 128 bits to get a Private Key

In this article, we will again touch on the topic: “Bitcoin’s Critical Vulnerability” and use the brand new attack of 2023 “POLYNONCE ATTACK” on all three examples . The very first mention of this attack is described in an article from “Kudelski Security” . https://research.kudelskisecurity.com/2023/03/06/polynonce-a-tale-of-a-novel-ecdsa-attack-and-bitcoin-tears/ As a practical basis, we will take materials from our earlier article “ Speed ​​up secp256k1 with endomorphism” where the values ​​​​on…

Install SageMath in Google Colab

In this article, we will do a fresh install SageMathin Google Colab. We previously published an article: “ Install SageMath for cryptanalysis on Fedora 64bit(10GB) Cloud Virtual Server ”, but in order to continue cryptanalysis of the Bitcoin blockchain, many of our readers prefer to use Debian and, Ubuntuin contrast to Fedora. As far as we know, Google Colab it has been updated to "Ubuntu 20.04.5 LTS". We…

Install SageMath for cryptanalysis on Fedora 64bit(10GB) Cloud Virtual Server

In this article, we will show in detail on slides how to install "SageMath" on a Fedora 30 64bit (10GB) cloud virtual server. For example, we will use the "DIGITAL RUBLE TECH" server . Previously, we used the Google Colab cloud service to install "SageMath" , but unfortunately, due to the latest updates, not all components for cryptanalysis of the Bitcoin blockchain work properly. Registration: First we need…

Improving the overall security of the ecosystem from attacks on smart contracts

Front-Running AKA Transaction-Ordering Dependence The University of Concordia considers front-running to be, "a course of action where an entity benefits from prior access to privileged market information about upcoming transactions and trades." This knowledge of future events in a market can lead to exploitation. For example, knowing that a very large purchase of a specific token is…

Twist Attack example №2 continue a series of ECC operations to get the value of Private Key to the Bitcoin Wallet

In this article, we will implement a Twist Attack using example #2, according to the first theoretical part of the article, we made sure that with the help of certain points on the secp256k1 elliptic curve, we can get partial values ​​​​of the private key and within 5-15 minutes restore a Bitcoin Wallet using the “Sagemath pollard rho function :…

How to protect your money in Bitcoin and Ethereum cryptocurrencies in the face of the rapid growth of fake crypto wallets

The rise of fake cryptocurrency apps and how to avoid them. Scammers are using fake crypto apps to steal funds from investors. Some malicious apps find their way into official app stores. And, according to the latest fraud report, fraudsters are using fake crypto apps to steal money from unsuspecting crypto investors. It highlights that American investors have lost…

Exploit in the cryptocurrency mining code that used a dangerous Log4j vulnerability CVE-2021-44228

Background on Log4j Alibaba Cloud Security Team publicly disclosed a critical vulnerability (CVE-2021-44228) enabling unauthenticated remote code execution against multiple versions of Apache Log4j2 (Log4Shell). Vulnerable servers can be exploited by attackers connecting via any protocol such as HTTPS and sending a specially crafted string. Log4j crypto-mining campaign Darktrace detected crypto-mining on multiple customer deployments which occurred…

Twist Attack example №1 perform a series of ECC operations to get the value of Private Key to the Bitcoin Wallet

Not so long ago, the elliptic (6.5.4) package for standard elliptic curves was vulnerable to various attacks , one of which is the Twist Attack . The cryptographic problem was in the implementation of secp256k1. We know that the Bitcoin cryptocurrency uses secp256k1 and this attack did not bypass Bitcoin, according to the CVE-2020-28498 vulnerability, the confirming parties of the ECDSA algorithm transaction through certain points on the secp256k1…