{"id":9186,"date":"2020-07-02T22:15:39","date_gmt":"2020-07-02T19:15:39","guid":{"rendered":"https:\/\/forklog.media\/?p=9186"},"modified":"2020-07-03T19:47:47","modified_gmt":"2020-07-03T16:47:47","slug":"bigspender-exploit-in-some-bitcoin-wallets-allows-attackers-to-fake-transactions","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/bigspender-exploit-in-some-bitcoin-wallets-allows-attackers-to-fake-transactions\/","title":{"rendered":"\u201cBigSpender\u201d Exploit in Some Bitcoin Wallets Allows Attackers to Fake Transactions"},"content":{"rendered":"<p>The team behind the ZenGo crypto-currency wallet found a design flaw in several competing Bitcoin wallets that lets an attacker trick the software by sending a payment and then replacing it, before it confirms, via Bitcoin\u2019s Replace-By-Fee feature.<\/p>\n<p><!--more--><\/p>\n<p>The vulnerability, named \u201cBigSpender\u201d, was discovered about three months ago as part of ZenGo\u2019s security research. The team notified the affected providers and waited 90 days before <a href=\"https:\/\/zengo.com\/bigspender-double-spend-vulnerability-in-bitcoin-wallets\/\">disclosing<\/a> the information publicly on July 1st. Ledger Live, BRD, and Edge were among the affected wallets.<\/p>\n<p>The BigSpender flaw allows an attacker to send a Bitcoin transaction with a minimal fee and then, before this transaction is confirmed, replace it with a higher-fee transaction that spends the same coins to a different address.<\/p>\n<p>The problem is that some wallets immediately treat the unconfirmed transaction as good and add its amount to the user\u2019s displayed balance, even though the funds end up elsewhere once the replacement confirms. As a result, an attacker can trick somebody like an online vendor into shipping goods without actually paying. 
Another harmful outcome of such an attack is that the phantom balance confuses the wallet\u2019s own accounting: it may try to spend outputs that no longer exist, potentially preventing users from transferring some or all of their real funds.<\/p>\n<blockquote><p><b><i>\u201cThe core issue at the heart of the BigSpender vulnerability is that vulnerable wallets are not prepared for the option that a transaction might be canceled and implicitly assume it will get confirmed eventually,\u201d<\/i><\/b><i> ZenGo\u2019s post reads.<\/i><\/p><\/blockquote>\n<p>BigSpender attacks exploit a standard Bitcoin feature called <a href=\"https:\/\/bitcointalk.org\/index.php?topic=1802212.0\">Replace-By-Fee<\/a> (RBF). Roughly speaking, RBF lets the sender of an unconfirmed transaction broadcast a replacement that spends the same inputs with a higher fee, so that miners prefer it and it gets confirmed sooner; a transaction that opts in (BIP 125) signals this through its inputs\u2019 nSequence values. Without RBF, a transaction offering too small a fee may remain unconfirmed indefinitely.<\/p>\n<p>Normally, nodes drop the initial low-fee transaction from their mempool and the new higher-fee transaction spending the same inputs takes its place. Since the initial transaction was never confirmed, the replacement is perfectly valid and no double-spend ends up on-chain: only one of the two can ever confirm. A wallet with the BigSpender flaw credits the first, unconfirmed transaction to the balance and never rolls that credit back when the transaction is \u201cundone\u201d via RBF.<\/p>\n<p>According to ZenGo, Ledger Live and BRD fixed the problem in versions 2.7.0 and 4.3 respectively and awarded ZenGo\u2019s researchers a bug bounty. Edge reportedly has not shipped a patch yet but plans to.<\/p>\n<blockquote><p><b><i>\u201c[Y]our crypto, recovery phrase, private keys, PIN code, etc. are not at risk. No one can access your crypto without your consent. This method purely relies on trying to trick you, much like traditional crypto scams do. 
Another good news is that we never had reports of anyone being tricked by this method,\u201d <\/i><\/b><i>Ledger stated in a <\/i><a href=\"https:\/\/www.ledger.com\/trickery-is-not-a-vulnerability\"><i>blog post<\/i><\/a><i> regarding the BigSpender issue.<\/i><\/p><\/blockquote>\n<p>In conversation with Decrypt, Ledger\u2019s chief technology officer Charles Guillemet <a href=\"https:\/\/decrypt.co\/34271\/bitcoin-wallets-double-spending-attack-exploit\">noted<\/a> that the company\u2019s hardware devices themselves weren\u2019t affected by the flaw; it concerned the balance shown by the Ledger Live companion app.<\/p>\n<p>Importantly, BigSpender is not a vulnerability in Bitcoin itself, but a flaw in how certain wallet applications interpret unconfirmed transactions and present them to users. Although it doesn\u2019t let bad actors steal users\u2019 coins or access their keys, the flaw can be used to scam users who release goods against an unconfirmed payment, or to harass a wallet by repeatedly sending and then replacing payments until its phantom balance makes it unusable.<\/p>\n<p>As pointed out in ZenGo\u2019s report, all three of the affected wallets mentioned can be reset so they show the true balance and operate normally. Ledger users can fix the display by <a href=\"https:\/\/support.ledger.com\/hc\/en-us\/articles\/360007412333-Fix-an-incorrect-balance\">clearing the cache<\/a>, and Edge users by pressing \u201cResync\u201d in the wallet options. For BRD users, recovery is more involved: it requires importing the wallet seed into another application that supports BRD\u2019s non-standard derivation path, which also exposes the keys to that application, so it should be software the user already trusts.<\/p>\n<p>As a general guideline, users should verify incoming payments by means other than their wallet\u2019s history alone, and treat an unconfirmed transaction, particularly one that signals RBF, as a promise rather than a payment until it has at least one confirmation. 
To help fellow wallet developers test their products against the issue, ZenGo <a href=\"https:\/\/zengo.com\/bigspender-double-spend-vulnerability-in-bitcoin-wallets\/\">shared<\/a> the research tool it built specifically for BigSpender.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The team behind the ZenGo crypto-currency wallet found a design flaw in several competing Bitcoin wallets allowing attackers to trick the software by sending and undoing transactions via the Replace-By-Fee feature.<\/p>\n","protected":false},"author":6,"featured_media":9187,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"human_written","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[18,942,57],"class_list":["post-9186","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-bitcoin","tag-vulnerabilities","tag-wallets"],"aioseo_notices":[],"amp_enabled":true,"views":"1567","promo_type":"1","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/9186","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=9186"}],"version-history"
:[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/9186\/revisions"}],"predecessor-version":[{"id":9189,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/9186\/revisions\/9189"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/9187"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=9186"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=9186"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=9186"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
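The RBF replacement and the wallet accounting failure described in the article above, as an added example that is not code from ZenGo, Ledger, BRD or Edge: a toy Bitcoin transaction model in Python with a wallet that exhibits the BigSpender flaw beside one that keeps unconfirmed credits keyed by txid and evicts them the moment a conflicting transaction (one spending the same outpoint) is seen. The txids, addresses and amounts are constructed placeholders, nothing here talks to a Bitcoin node, and the BIP 125 nSequence check is the only real protocol detail reproduced.

```python
# Added example modelling the BigSpender failure mode; not code from ZenGo,
# Ledger, BRD or Edge. Txids, addresses and amounts are constructed placeholders.
from collections import namedtuple
from dataclasses import dataclass

OutPoint = namedtuple("OutPoint", "txid vout")
TxIn = namedtuple("TxIn", "prevout sequence", defaults=(0xFFFFFFFF,))
TxOut = namedtuple("TxOut", "address value_sat")
RBF_SEQUENCE_THRESHOLD = 0xFFFFFFFE  # BIP 125: an nSequence below this signals replaceability


@dataclass(frozen=True)
class Tx:
    txid: str
    vin: tuple
    vout: tuple

    def signals_rbf(self) -> bool:
        return any(i.sequence < RBF_SEQUENCE_THRESHOLD for i in self.vin)

    def conflicts_with(self, other: "Tx") -> bool:
        # Two txs conflict if they spend a common outpoint: at most one can ever confirm.
        spent = {i.prevout for i in self.vin}
        return any(i.prevout in spent for i in other.vin)


def received_by(tx: Tx, addresses: set) -> int:
    return sum(o.value_sat for o in tx.vout if o.address in addresses)


class VulnerableWallet:
    # Credits a payment when it first appears in the mempool and has no code
    # path for that transaction being replaced: the BigSpender flaw.
    def __init__(self, addresses):
        self.addresses, self.balance_sat = set(addresses), 0

    def on_mempool_tx(self, tx: Tx) -> None:
        self.balance_sat += received_by(tx, self.addresses)

    def on_confirmed_tx(self, tx: Tx) -> None:
        pass  # already counted, nothing to reconcile


class HardenedWallet:
    # Keeps unconfirmed credits separate from the confirmed balance, keyed by
    # txid, and drops a pending credit as soon as a conflicting tx is seen.
    def __init__(self, addresses):
        self.addresses, self.confirmed_sat = set(addresses), 0
        self.pending = {}  # txid -> unconfirmed Tx paying one of our addresses

    def pending_sat(self) -> int:
        return sum(received_by(t, self.addresses) for t in self.pending.values())

    def _evict_conflicts(self, tx: Tx) -> None:
        for txid, old in list(self.pending.items()):
            if txid != tx.txid and old.conflicts_with(tx):
                del self.pending[txid]  # replaced: that credit was never real

    def on_mempool_tx(self, tx: Tx) -> None:
        self._evict_conflicts(tx)
        if received_by(tx, self.addresses):
            self.pending[tx.txid] = tx  # shown as pending, never as spendable

    def on_confirmed_tx(self, tx: Tx) -> None:
        self._evict_conflicts(tx)
        self.pending.pop(tx.txid, None)
        self.confirmed_sat += received_by(tx, self.addresses)


def run_attack(rounds: int = 1) -> dict:
    """Attacker pays the merchant with a low-fee RBF tx, then replaces it with a
    higher-fee tx to its own address; repeated `rounds` times on fresh coins."""
    merchant = "merchant_addr"
    vuln, hard = VulnerableWallet([merchant]), HardenedWallet([merchant])
    for n in range(rounds):
        coin = OutPoint(f"attacker_funding_{n}", 0)
        pay = Tx(f"pay_{n}", (TxIn(coin, 0xFFFFFFFD),), (TxOut(merchant, 100_000_000),))
        # Replacement: same input, higher fee (smaller output), merchant no longer paid.
        redirect = Tx(f"redirect_{n}", (TxIn(coin, 0xFFFFFFFD),), (TxOut("attacker_addr", 99_990_000),))
        for w in (vuln, hard):
            w.on_mempool_tx(pay)
            w.on_mempool_tx(redirect)
        hard.on_confirmed_tx(redirect)
    return {"pay_signals_rbf": pay.signals_rbf(), "vulnerable_balance": vuln.balance_sat,
            "hardened_pending": hard.pending_sat(), "hardened_confirmed": hard.confirmed_sat}


def run_honest_fee_bump() -> dict:
    """A legitimate fee bump still pays the merchant: the hardened wallet must
    move the credit to the replacement rather than lose it."""
    merchant, hard = "merchant_addr", HardenedWallet(["merchant_addr"])
    coin = OutPoint("customer_funding", 1)
    slow = Tx("slow", (TxIn(coin, 0xFFFFFFFD),), (TxOut(merchant, 5_000_000),))
    bumped = Tx("bumped", (TxIn(coin, 0xFFFFFFFD),), (TxOut(merchant, 5_000_000),))
    hard.on_mempool_tx(slow)
    hard.on_mempool_tx(bumped)
    tracked, pending = sorted(hard.pending), hard.pending_sat()
    hard.on_confirmed_tx(bumped)
    return {"tracked_after_bump": tracked, "pending_after_bump": pending,
            "confirmed": hard.confirmed_sat, "pending_after_confirm": hard.pending_sat()}


if __name__ == "__main__":
    print(run_attack(rounds=3))
    print(run_honest_fee_bump())
```

Running it shows the vulnerable wallet accumulating one phantom bitcoin per attack round while the hardened wallet reports nothing received and nothing spendable; the fee-bump scenario shows why eviction keys on a shared input rather than on the txid, so a legitimate replacement that still pays the merchant keeps its pending credit instead of being dropped.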