A study reveals that several cryptocurrency exchanges and trading platforms have security flaws that can put the funds stored within them at risk.
Jean-Philippe Aumasson, co-founder and CSO of Taurus Group, a renowned cybersecurity firm serving cryptocurrency exchanges, said that several of the exchange platforms widely used around the world have serious security flaws in the way they store users' digital assets. According to Aumasson, he and his team, together with Omer Shlomovits of the cryptocurrency firm ZenGo, discovered several high-risk vulnerabilities that could be exploited by malicious actors or hackers to steal funds stored on these exchanges.
Aumasson is a renowned researcher and cryptographer, author of several books such as The BLAKE Hash Function and Serious Cryptography: A Practical Introduction to Modern Encryption, who has extensive experience and a track record in the world of cryptography and cybersecurity. In his statements, the expert says:
“These organizations are managing a lot of money, so they have pretty high privacy and security requirements. They need a way to split cryptocurrency private keys into different components, different shares, so that no one party knows the full key and there is no single point of failure. But we found some flaws in the setup of these schemes that are not just theoretical. They really could have been executed by a malicious party.”
Even though exchanges use split private keys to secure their platforms, Aumasson points out that there are several attack vectors that can either allow the theft of funds or completely disable an exchange's access to its stored funds.
Attack vectors on exchanges identified by Aumasson
Aumasson divided the possible attacks into three categories, and while he described how each of these attacks could be executed and how they were discovered, for security reasons he omitted the names of the exchanges where the vulnerabilities were detected. In addition, Aumasson noted that after identifying the security flaws, the exchanges proceeded to fix them immediately.
Open source library for key update function
The expert explains that the first attack targets the private key update, or rotation, function that some exchanges use to improve the privacy features of the platform, so that malicious third parties cannot gradually compromise a private key. Aumasson points out that hackers could access the open source library and reconstruct the components of the private key, or swap them so that the exchange completely loses access to the funds.
“The attack takes advantage of a flaw in the library’s mechanism for updating or rotating keys. In distributed key schemes, you don’t want the secret key or its components to remain the same forever, because over time an attacker could slowly compromise each part and eventually reassemble it. But in the vulnerable library, the update mechanism allowed one of the key holders to initiate an update and then manipulate the process so that some components of the key actually changed and others stayed the same.”
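The failure mode described in the quote, and the check that catches it, can be shown on a toy scheme. This is an added example, not code from the vulnerable library or from the researchers; the additive n-of-n sharing, the small group parameters and all function names are assumptions chosen for illustration.

```python
import secrets

# Toy group parameters (constructed for illustration, not production-grade).
P = 2**127 - 1   # prime modulus
G = 3            # base for the public commitments
Q = P - 1        # shares are reduced modulo P - 1, since G**(P-1) == 1 mod P

def split(secret, n):
    """Additive n-of-n sharing: the shares sum to the secret modulo Q."""
    shares = [secrets.randbelow(Q) for _ in range(n - 1)]
    shares.append((secret - sum(shares)) % Q)
    return shares

def zero_sum_deltas(n):
    """Refresh offsets that sum to zero, so the shared key does not change."""
    deltas = [secrets.randbelow(Q) for _ in range(n - 1)]
    deltas.append(-sum(deltas) % Q)
    return deltas

def apply_refresh(shares, deltas, applied_by):
    """Return the new shares; only parties listed in applied_by update."""
    return [(s + d) % Q if i in applied_by else s
            for i, (s, d) in enumerate(zip(shares, deltas))]

def refresh_is_consistent(public_key, new_shares):
    """Commitments G**share_i must multiply back to the public key.
    In a real deployment each party publishes only its commitment."""
    product = 1
    for s in new_shares:
        product = product * pow(G, s, P) % P
    return product == public_key

def safe_refresh(public_key, shares, deltas, applied_by):
    """Adopt the new shares only if the check passes; otherwise keep the old."""
    candidate = apply_refresh(shares, deltas, applied_by)
    if refresh_is_consistent(public_key, candidate):
        return candidate, True
    return shares, False

if __name__ == "__main__":
    secret = secrets.randbelow(Q)            # constructed sample key
    public_key = pow(G, secret, P)
    shares = split(secret, 3)
    deltas = zero_sum_deltas(3)
    # Party 2 never applies its update: the shares no longer sum to the key.
    partial = apply_refresh(shares, deltas, {0, 1})
    print("partial refresh still recovers key:", sum(partial) % Q == secret)
    print("partial refresh accepted:", safe_refresh(public_key, shares, deltas, {0, 1})[1])
    print("full refresh accepted:", safe_refresh(public_key, shares, deltas, {0, 1, 2})[1])
```

The point for an operator is the ordering in `safe_refresh`: old shares are discarded only after the refreshed set has been verified against the unchanged public key.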
Customer-exchange interaction
Another vulnerability detected by the experts relates to the interaction between a cryptocurrency exchange and its clients. In this case, the flaw is in another open source library, managed by a key management company. During the key rotation process, a malicious party can silently extract the users' private key and manipulate the funds later.
“The flaw is another open source library, this time from an unnamed key management company. The company does not use the library in its own offerings, but the vulnerability could have been embedded elsewhere.”
Key generation protocol
The flaw the experts describe as the most serious of all relates to Binance's own key generation protocol, which allowed a user to assign random values to other users to verify their identity and generate their private keys. This vulnerability allowed the user to pretend to be the protocol itself.
The security flaw was detected by researchers when they found that the Binance protocol did not verify this process itself, nor the random values generated.
“As a result, a malicious party in key generation could send specially constructed messages to everyone else that would essentially choose and assign all of these values, allowing the attacker to later use this unvalidated information to extract everyone’s share of the secret key.”
Regarding this bug, Binance announced that it was fixed immediately and published a document on GitHub explaining that a well-known security firm conducted a complete review of the platform.
Finally, the researchers point out that, although a hacker must have a privileged position within an exchange to carry out these attacks, it is not unlikely that such an attack could be carried out and that the security of the platform and the stored funds could be compromised.