BitCoin Transactions Vulnerable on Android

August 23, 2013 | By Editor

The use of BitCoin, digital currency that is not backed by a government,  is on the rise  because it is much more secure than currency transactions and has been a good investment so far.

However, a recent report in BitCoin.org revealed that its Mobile Security is under threat and coins are being stolen by hackers from unidentified location.  A vulnerability in the system can allow a third party to guess the private key provided for the digital wallet and nearly 55.8 BitCoins have been stolen, each worth about $104.52 at the time of the event.

A mailing was sent to all subscribers explaining that the private keys generated on Android phones as well as tablets are extremely weak and all android wallet apps are vulnerable to attack.

After thorough research and analysis, it was confirmed that the vulnerability originated from the Java Secure Random number generator. For better Mobile Security, the experts have advised users to frequently rotate their keys. The next step is to get a new address using a repaired random number generator and then send the same BitCoin funds back to your account.

This mobile security vulnerability is being treated with urgency because BitCoins are becoming an important part of e-Commerce and are a popular investment vehicle. A massive theft would dent in the sales market as well. The original Bitcoin Wallet is already patched and you should download the latest 3.15 version from Google Play Store.

Another report suggests users upgrade from BitcoinSpinner to Mycelium Wallet. The new version 0.6.5 can be officially downloaded either from the website or from Google Play Store right now. A patch for Blockchain . Info is still under development and will soon be released to general public.

This issue with private keys is considered a black eye for the popular Android platform, but it can be fixed with the above methods. Still, users are not required to associate names or e-mail addresses with the Bitcoin investment which is attracting more illegal criminals than legitimate investors. The cryptographic key pair of public-private keys is being used as the sole identifier who can use them money as required. The addresses are generated randomly by apps, online wallet services and exchanges are being compromised to easily.

However, adding personal identification to secure Bitcoin transactions will provide better mobile security. Virtual currency monitoring will be introduced shortly, according to New York Department of Financial Services report.

Be Sociable, Share!

    Add new comment

    Your name
    Comment

    You may use these HTML tags and attributes: <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>