Fireblocks disclosed vulnerabilities for crypto wallets

By Juan Frers

Aug 10, 2023 at 8:58 AM UTC

News

Fireblocks disclosed vulnerabilities for crypto wallets

Research group Fireblocks has disclosed several vulnerabilities that could affect wallets using multi-party computation (MPC) technology providers.

The company explained that the BitForge vulnerabilities had affected some of the most important wallet providers, like Coinbase, Zengo, and Binance.

1/ The Fireblocks research team has uncovered BitForge, a set of vulnerabilities in some of the most widely adopted MPC protocols, that allow an attacker to retrieve a private key from a single device. Read on → https://t.co/xo2r9zgCvj pic.twitter.com/7q1nEeVBwO
— Fireblocks (@FireblocksHQ) August 9, 2023

Fireblocks’s researchers added that the vulnerabilities could allow hackers and malicious insiders to take funds from the wallets of millions of retail and institutional users.

“It is evident from our findings that not all MPC developers and teams are created equal. Companies leveraging web3 technology should work closely with security experts with the know-how and resources to stay ahead of and mitigate vulnerabilities.”
Pavel Berengoltz, Fireblocks co-founder

The Fireblocks’s research team worked on patching the found vulnerabilities. They explained that Coinbase WaaS and Zengo were the best at handling the situation and ensuring their users were protected.

Coinbase responded to the findings by Fireblocks, thanking the company and adding that their customers were never at risk.

https://twitter.com/CoinbaseCloud/status/1689400683173445636

Besides Coinbase, Waas, Zengo, and Binance, other wallet providers were impacted by the BitForge vulnerability. Fireblock published the BitForge Status Checker so that companies could check their current status regarding the vulnerabilities found.