Bitcoin vulnerability discovered in Android -- beware of virtual thieves!
Lately, it seems like Bitcoin is under attack. Only two weeks ago, Thailand outright banned the currency. Before that, it was discovered that Bitcoin-stealing malware was spreading through Skype. Sadly, today comes the announcement that Android has a vulnerability which can expose your precious Bitcoins to thieves.
According to Bitcoin.org, "a component of Android responsible for generating secure random numbers contains critical weaknesses, that render all Android wallets generated to date vulnerable to theft. Because the problem lies with Android itself, this problem will affect you if you have a wallet generated by any Android app".
"Generated by" are the key words here. Apps that don't generate keys on an Android device are not affected. Bitcoin.org says "exchange frontends like the Coinbase or Mt Gox apps are not impacted by this issue because the private keys are not generated on your Android phone". Users of these apps can breathe a sigh of relief.
However, even though Android is the culprit here, there is no need to smash your device into bits -- the vulnerability is being addressed in affected apps such as Bitcoin Wallet, Bitcoin Spinner, Mycelium Bitcoin Wallet and blockchain.info.
To secure your existing wallets, Bitcoin.org suggests "Key Rotation". This is explained as "generating a new address with a repaired random number generator and then sending all the money in your wallet back to yourself".
Unfortunately, you must also "contact anyone who has stored addresses generated by your phone and give them a new one". This sounds like a potential headache to say the least.
Are you a Bitcoin miner or trader? Is all the negative press giving you second thoughts? Tell me in the comments.
Photo credit: ppart/Shutterstock