Threat Actors Steal Crypto Using BitForge Vulnerabilities

'BitForge' zero-day vulnerabilities in widespread cryptographic protocols (GG-18, GG-20, Lindell 17) impacted major crypto wallets like Coinbase, ZenGo, Binance. Attackers could swiftly steal digital assets from these wallets, bypassing user/vendor interaction. Fireblocks Cryptography Research Team found and named these flaws in May 2023. They publicly disclosed 'BitForge' during "Small Leaks, Billions Of Dollars" BlackHat talk. Fixes were applied by Coinbase and ZenGo. However, Binance and others remain vulnerable. Fireblocks created a checker to assess risk from faulty multi-part computation (MPC) protocols. Read more...