ZenGo Devs Discover Critical Double Spend Vulnerability in Top Bitcoin Wallets
Shutterstock
Main page News, Tech, Wallet, Hacker Attack, Cryptocurrency
Hot topic
July 2, 2020

The developers of ZenGo crypto wallet discovered critical vulnerability for the attack of double spending called "BigSpender".

According to an official announcement, the vulnerability affected Ledger Live, Bread and Edge wallets.

The bug allows attackers to spend the same coins two or more times. Bad actor can send a transaction with a minimum fee, and then immediately replace the previous one by offering a higher fee.

Thus, cryptocurrency miners get an incentive to first check out a more profitable new transaction. Then an attacker can redirect funds to another address.

Google Removes 22 Fake Crypto Wallet Extensions

According to the developers, although the vulnerability is partially eliminated, users of some wallets can still become its victims.

At the time of writing, only Edge Wallet has not fixed the bug.

The ZenGo team urges wallet developers to test their wallet behavior with respect to Replace-by-Fee (RBF) transactions and cancellations.

In January, cybersecurity researchers at Kraken Security Labs discovered a way to extract seeds from such wallets as Trezor One and Trezor Model T just within 15 minutes.

According to the official blog post, all that potential hacker is needed is physical access to the wallet.

Access more than 50 of the world's financial markets directly from your EXANTE account – including NASDAQ, London Stock Exchange and Tokyo Stock Exchange.

Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.

Read also:
Please describe the error
Close