Tag Archives: security

Android Bitcoin & Litecoin wallets potentially vulnerable to theft due to coding flaw

Due to a serious flaw in the Java secure random number generator used by many Bitcoin applications on the Android operating system, any wallets generated by Android apps are potentially vulnerable to theft. While the advisory on bitcoin.org only mentions Bitcoin, the flawed code is also used in many Android Litecoin wallets, and probably also in whatever wallets exist for the various other cryptocurrencies.

If you have an Android wallet application on your mobile device, I highly recommend that you immediately generate a new address with the appropriate official desktop client (click here for Bitcoin and and here for Litecoin) and send all of your coins there. Do not use a cryptocurrency wallet on the Android OS until you can confirm that the version you’re using has been patched to fix the vulnerability, and discard any previously-generated wallet addresses permanently.

Update 8/12: The BBC has posted an article on the issue.

Update 8/14: And the first confirmed thefts due to the bug are starting to be reported.

Guide: Cryptocurrency Wallet Security

Litecoin walletSo you’ve built your own mining rig, you’ve mastered the art of trading for profit on the cryptocurrency exchanges, but you haven’t given much thought to securing your digital fortune against theft and accidental loss? Don’t worry, you’re not alone. Wallet security isn’t exactly a glamorous topic. In fact, many of you might even assume that you don’t need your own wallet at allafter all, mining pools and currency exchanges are more than happy to hold your money for you, right?

Letting somebody else control your money is a mistake that will likely end up costing you at some point. That mining pool operator that you assume is trustworthy could very well be a teenager halfway around the world that has no problem stealing your coins. The various digital currency exchanges are unregulated, not necessarily secure, and a daily target for hackersgood luck getting your money back when one is breached or goes belly up.

Since it’s still basically the Wild West when it comes to cryptocurrencies, the only way to ensure that your digital wallet can’t be stolen or lost is to secure it yourself. Thankfully, this isn’t all that difficult if you follow a few basic rules. Read on for the guide.