Two of the largest Bitcoin and cryptocurrency exchanges in the world, Coinbase and Binance, had a bug in their systems that could lead to cryptocurrency being stolen from their platforms in minutes.
The new error is BitForgediscovered by the security team of Fireblocks, a company that provides services to the crypto market.
The novelty has been in the spotlight since last Wednesday (9), when the company announced its results. A total of 15 cryptocurrency platforms were caught with the flaw, but the names of all of these platforms were not disclosed for security reasons.
For example, the brokers race against the clock to solve the malfunction and the situation continues to be monitored by the company.
Binance and Coinbase could lose all cryptocurrencies in minutes, you see
The bugs found in Bitforge relate to the use of multi-party computing (MPC) at security. Some of the most common implementations are the GG-18, GG-20 and Lindell17.
According to the new disclosure by Fireblocks, they have conducted a public audit of 15 providers of cryptocurrency wallets, blockchains and open source projects. The intention was to increase the security of MPC in the crypto market, but the results attracted attention.
This is because in some environments, an attacker with privileged access to the system can extract funds from wallets in seconds, without the knowledge of other users involved in the platforms.
Some exchanges that had the problem, Binance and Coinbase could also have a cryptocurrency theft in minutes, but both exchanges have already rushed to make corrections.
Publicly, Binance’s CEO congratulated the Fireblocks team for finding the vulnerability and said he had already fixed everything in his company.
“This issue was present in the open source code of the TSS Binance Library, which has been resolved. Thanks to Fireblocks for discovering it! No Binance user funds were affected. Even MPC preservation solutions come with risks.”
This issue was present in the open-source Binance TSS library, which has been resolved. Thanks to Fireblocks for discovering it!
At the @Binance user funds affected.
Even MPC preservation solutions have risks. stay #SAFU! 🙏 https://t.co/UneRs7VOj7
— CZ 🔶 Binance (@cz_binance) August 10, 2023
The Coinbase correction appears alongside the Zengo platform, which also made the corrections. The market is waiting to see which other companies had the newly discovered problem.
Coinbase and Zengo have been actively working to resolve the issue
As part of the 90-day responsible disclosure process, the Fireblocks team documented and verified their findings and created and delivered a responsible disclosure message and plan for those affected by BitForge. The crypto community has responded positively, with several wallet providers quickly patching their implementations.
That is, it is possible that potential victims have already made corrections to their environment and the problem is considered under control.
Of the wallet providers Fireblocks partnered with, Coinbase WaaS and Zengo stood out as the best in managing and resolving issues quickly, keeping their users well protected, the security firm stressed.
Source: Live Coins
Barry Siefert is an accomplished journalist and author at The Nation View. He is known for his expertise in the field of cryptocurrency, and has written extensively on the topic. With a background in finance and economics, Barry has a deep understanding of the underlying technology and market forces that drive the crypto industry.
