Bitcoin grows more and more popular, however not many users are aware of its vulnerabilities. There have been many issues with bitcoin in the past and this post sums up all important bitcoin vulnerabilities that have occurred over the last few years.
Repeated R-values in the blockchain
This is not the users fault, but rather a system error of creating the same r-values for transactions. This vulnerability surfaced in 2014 and 2016 when users lost a lot of their money due to this system fault. When the poor cryptography system error occurred, the bitcoins private keys were easily calculated using the formula K((z1s2 - z2s1)/(r*(s1-s2))). In 2016 this vulnerability showed up again with the new Android wallet system. Hundreds of wallets were affected before there was a fix. Who knows, maybe this is not the last time this vulnerability surfaces.Brainwallets
This vulnerability is user-generated, when instead of using random keys to store their bitcoins, users preferred to use simple passphrases, encoded them to SHA-256 and used that code as a private key. Hackers then used dictionary attacks to generate such addresses to steal those brainwallet bitcoins. Some famous brainwallets are: dog, cat, password, and the phrase “bitcoins are awesome”. So if you ever think of making your life simple and use a brainwallet password instead of a random key, think twice.Copay wallet bug
Wallets that use 2 out of 3 private keys are supposed to be more secure, right? Wrong! The copay SIGHASH_SINGLE bug allowed hackers to steal bitcoins by making it possible to forge a bitcoin signature for copay wallets and steal users’ bitcoins. This bug was very quickly fixed in the system, so not many users were aware of it. Let’s just hope that this never happens again.All bitcoins private keys leaked
All bitcoin private keys are in fact just numbers from 1 to 115792089237316195423570985008687907852837564279074904382605163141518161494336. There are a few sites that claim to have all bitcoin private keys. It is true, except for the fact that this is not a database, it would require too much space to store all those keys! These sites just generate random numbers, translate them into bitcoin keys and show the corresponding addresses. The probability of finding a valid key with balance is very low, even lower than winning a lottery, however, you do know that some people win the lottery, right?Stolen online accounts
Some people prefer to store their bitcoins in online wallets like coinbase or blockchain wallet. Eventually their emails and passwords become available due to hackers attacking one or another online database. Guess, what happens next? I think your guess is right; the hackers gain access to those users’ online wallets and steal the coins using the users’ private email and password information. The blackhats were even able to steal people’s phone numbers to do that in a recent coinbase attack!
I will try to create new articles on this subject as the bitcoin system advances and new bugs and leaks appear online.
If you found my article useful, you can always upvote me, subscribe or even donate to my bitcoin address 1BABEjRxQoJP87NkNZeAF3mZmCSP6voyiA .
Keep your bitcoins safe!
Yours truly,
BitcoinBabe
Nice post, all the bitcoin "do not do's" in one place!
bitcoin are my babe, how can you be bitcoin babe :)
Congratulations @bitcoinbabe! You have completed some achievement on Steemit and have been rewarded with new badge(s) :
Click on any badge to view your own Board of Honor on SteemitBoard.
For more information about SteemitBoard, click here
If you no longer want to receive notifications, reply to this comment with the word
STOPSo storing cryptos on hardvers would be best solution i guess