🔴 Critical  |  Source: The Hacker News


A vulnerability dubbed ‘Ill Bloom’, disclosed by security firm Coinspect, allows attackers to predict cryptocurrency wallet recovery phrases due to weak randomness in how some wallet software generates them. With knowledge of the recovery phrase, an attacker gains full control of the associated wallet and can drain all funds. Exploits are already active, with a confirmed coordinated attack on 27 May resulting in losses exceeding $5 million.

Security Architect’s Take: Audit any internally developed or third-party cryptocurrency wallet integrations for cryptographically secure random number generation (CSPRNG) in key and seed phrase derivation; ensure all entropy sources meet NIST SP 800-90A standards and conduct a review of any wallet software dependencies for exposure to this specific flaw.

Original advisory: Attackers Exploit ‘Ill Bloom’ Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets