Android Bitcoin Wallet Theft Vulnerability Discovered

It’s not news that Android has some security problems, but here’s another one: Android wallets aren’t secure. According to Bitcoin, the issue stems from a secure random number generator in the OS itself, which is vulnerable to exploits. The generator is needed to secure the wallets, so thus, the wallets are not secure.

Bitcoin notes that apps where users don’t control private keys, such as exchange frontends Coinbase or Mt Gox, aren’t affected, but many apps are. Bitcoin posted an “incomplete list” that includes Bitcoin Wallet, BitcoinSpinner, Mycelium Bitcoin Wallet, and blockchain.info.

blockchain.info screenshots
blockchain.info app

The apps are being updated, so users can head over to the Google Play store (or Google Code or mycelium.com as the case may be) and get the latest versions. Further, Bitcoin suggests rotating keys by generating a new address and sending your wallet money back to yourself.

Via:  Bitcoin
blog comments powered by Disqus