Digital assets infrastructure company Fireblocks has discovered a vulnerability, BitForge, which impacted the multi-party computation (MPC) protocol of major crypto platforms like Binance and Coinbase.
Frequently crypto hacks make headlines, draining billions of dollars in users’ funds. However, cybersecurity experts are discovering and reporting project vulnerabilities, and helping secure users’ funds.
Hackers Could Potentially Steal Funds in Seconds
The Fireblocks team wrote a blog post highlighting their discovery of BitForge, a zero-day vulnerability impacting over 15 crypto projects. Fireblocks wrote:
“The team uncovered zero-day vulnerabilities… that would allow an attacker with privileged access to drain funds from wallets. In some implementations, the attack will only take seconds, with no knowledge to the user or vendor.”
The BitForge vulnerability affects the MPC system, also known as the threshold signature scheme (TSS). In simpler terms, this facility allows the completion of a transaction only after it gets a certain number of signatures.
If the fixed threshold is three, a transaction authorization requires a minimum of three signatures.
Recently, the Multichain project suffered a $126 million hack because the hackers gained access to minimum threshold keys due to a compromise in the MPC system.
How White Hat Hackers Protect Crypto Ecosystem
The projects like Binance and Coinbase Wallet as a Service (WaaS) suffered from BitForge vulnerability. Coinbase Cloud team thanked the cybersecurity experts and informed the users that they updated libraries to improve error handling.
Changpeng Zhao, the co-founder of Binance, also appreciated the efforts. He wrote on X (Twitter):
“This issue was present in the TSS Library Binance open-sourced, which has been fixed. Thanks to Fireblocks for uncovering it! No Binance user funds affected. Even MPC custody solutions have risks. Stay SAFU!”
Indeed, the frequent hacks are one of the major challenges the crypto ecosystem needs to solve. But white hat hackers are trying to minimize the damage caused by the bad actors.
Recently, white hat hackers protected the Tron blockchain by reporting a potential multi-sig vulnerability. The vulnerability could have put over $500 million in users’ funds at risk.
Last year, through proactive reporting of vulnerabilities, the white hat hackers saved over $20 billion in users’ funds
Click here to learn about multisig wallets.
Got something to say about BitForge vulnerability or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or X (Twitter).
For BeInCrypto’s latest Bitcoin (BTC) analysis, click here.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.
