Bitcoin Forum
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Author Topic: Blockchain.info isn't safe - My Wallet Password Stealer (Passes the "Verifier")  (Read 29985 times)
🏰 TradeFortress 🏰 (OP)
December 23, 2012, 12:00:22 PM
 #1

Didn't take me this long: https://i.imgur.com/y905u.png

Yes, it passes all the "verifiers". The alert stopped script execution, but after that there is "Not modified". I used MS Paint to remove the checksum and potentially unique identifiers.

Feel free to disregard / think this is fake / etc at your own risk (the attacker could have modified it to send your password to their server). I don't plan on releasing the proof of concept unless there is sufficient demand for it.

I have nothing personal against blockchain.info, but I'm not going to bother finding the quote by blockchain.info saying how they take loads of (ineffective) security precautions. Just saying your blockchain wallet isn't safe.
makomk
December 23, 2012, 12:29:47 PM
 #2

Damn, why didn't I think of this?

HorseRider
December 23, 2012, 12:40:42 PM
 #3

 watch.

piuk
December 23, 2012, 01:43:49 PM
 #4

You have just modified the javascript in your own browser. The javascript is the bitcoin client and if you modify the client then of course you can change it to print the password or private keys etc. It would be trivial to modify the Bitcoin-Qt source to add an alert box which prints the password in a similar fashion.

This is how the service works, client side.

molecular
December 23, 2012, 02:26:59 PM
 #5

Could you please be more specific as to what "not safe" is supposed to mean and what kind of attack could be done with that?

As far as I can tell for now: what piuk says, you're just displaying your own password.

EDIT: just saw your other thread about JAIL and BLOCKCHAIN.INFO and shit? I'm having a hard time believing you don't have some sort of personal issue with blockchain.info. This is pure FUD in my eyes.


hamdi
December 23, 2012, 03:39:04 PM
 #6

would need the end-user install a browser-plugin to achieve this...
DannyHamilton
December 23, 2012, 04:24:08 PM
 #7

> . . . Just saying your blockchain wallet isn't safe.

This is just silly.  You wrote your own program to do what you wanted it to do, then you ran that program, and you are upset that your program does what you designed it to do?

How is this different than rewriting the Bitcoin-Qt program, compiling it, and then running it?

Silly, just silly.
underminer
December 23, 2012, 04:26:41 PM
 #8

Wouldn't this really only be a problem if the "mark" downloaded your bitcoin client instead of the real one?

prezbo
December 23, 2012, 04:26:48 PM
 #9

Ah give him a break, he obviously doesn't understand how these javascript verifiers work.
DannyHamilton
December 23, 2012, 04:34:53 PM
 #10

> Wouldn't this really only be a problem if the "mark" downloaded your bitcoin client instead of the real one?
Yes, I believe it is called "phishing".

Create a web page that looks like blockchain.info's website.  Using social engineering techniques, attempt to fool people into accidentally coming to your site while tricking them into believing that they are at the real blockchain.info site.  Get them to enter their password.

Such deceit might use a URL such as blockchain.com, blockchain.net, blockchain.edu, blickchain.info, b1ockchain.info, bl0ckchain.info, bitchain.info, etc.
🏰 TradeFortress 🏰 (OP)
December 23, 2012, 10:19:27 PM
 #11

> You have just modified the javascript in your own browser. The javascript is the bitcoin client and if you modify the client then of course you can change it to print the password or private keys etc. It would be trivial to modify the Bitcoin-Qt source to add an alert box which prints the password in a similar fashion.
>
> This is how the service works, client side.

Except I haven't modified. This is a security vulnerability, you never try to do crypto with JavaScript.

I could have made a, say, Chrome bitcoin watcher plugin. Obfuscate the code to prevent detection, and wait till people log in with blockchain.

If you made a desktop client, this wouldn't have happened because of sandboxing.

Anyway, I am going to work on a network based attack now.
prezbo
December 23, 2012, 10:29:38 PM
 #12

> you never try to do crypto with JavaScript.

What is this then?
🏰 TradeFortress 🏰 (OP)
December 23, 2012, 10:30:11 PM
 #13

It is possible to make a login form that plugins can't capture, by the way.
ThomasV
December 23, 2012, 10:32:02 PM
 #14

@OP: can you explain more precisely what you did?

Brunic
December 23, 2012, 10:53:32 PM
 #15

> @OP: can you explain more precisely what you did?

He looked into his own system memory and was amazed to discover stuff.
molecular
December 24, 2012, 03:35:58 PM
 #16

> > @OP: can you explain more precisely what you did?
>
> He looked into his own system memory and was amazed to discover stuff.

In his last post he said he managed to make a browser plugin that was able to read the pw when user entered it on blockchain.info. That would be a serious threat.

Brunic
December 25, 2012, 01:32:23 AM
 #17

> > > @OP: can you explain more precisely what you did?
> >
> > He looked into his own system memory and was amazed to discover stuff.
>
> In his last post he said he managed to make a browser plugin that was able to read the pw when user entered it on blockchain.info. That would be a serious threat.

That's how it's supposed to work. When you open a Blockchain wallet, you're opening it in your own computer's RAM. Your own browser is going to read your own password, because it needs it to decrypt your wallet in memory. Yes, there's a vulnerability when you type your password and use it to decrypt your wallet, since you can intercept the password at that moment (using a keylogger or any malicious software). But it's nothing new, that vulnerability always existed. If you use the official Bitcoin software and type your password to decrypt your wallet, you have the same vulnerability. Your password is going to exist in a decrypted form in your system memory at a point in time. We consider the risk acceptable simply because RAM is so volatile.

The difference between blockchain.info and other online wallets is that the point of failure is at each user's computer, instead of being the server itself.

tl;dr
TradeFortress is trolling.
🏰 TradeFortress 🏰 (OP)
December 25, 2012, 01:38:50 AM
 #18

> > > @OP: can you explain more precisely what you did?
> >
> > He looked into his own system memory and was amazed to discover stuff.
>
> In his last post he said he managed to make a browser plugin that was able to read the pw when user entered it on blockchain.info. That would be a serious threat.
Exactly. Now, other browser based wallets would be vulnerable too. But Blockchain.info is giving a false sense of security by making the user think that their password is secure. Doesn't matter if "Your passwords are stored with triple AES256 encryption on our armed drone-monitored datacenters traveling over gold wires" when the back door is right open.

There are a lot of ways to prevent this.

Javascript to obfuscate the entering of passwords.

Trapping the click event so that other JS on page cannot bind a click listener to it (gmail does this for some functions).

Don't have a static id for the password box, instead randomly generate and assign it.

Etc etc etc.
piuk
December 25, 2012, 03:18:18 AM
Last edit: December 25, 2012, 03:37:31 AM by piuk
 #19

Malicious browser extensions are a type of malware and it is mostly the user's responsibility to ensure they have a clean OS when dealing with financial sites. No bitcoin users should be running random exes and if you are using any bitcoin websites you shouldn't be installing random extensions (specifically ones which ask for permission to run on blockchain.info/Mt.Gox/instawallet etc). The current version of the js verifier specifically allows for other extensions to continue to run scripts.

Multisig is the only foolproof solution to this problem.

molecular
December 25, 2012, 09:01:37 AM
 #20

can someone explain to me what a browser extension can do?

I understand that a plugin that can "access your data on all web-pages" can legitimately (from the browser security's view) gain access to the password when the user accesses blockchain.info.

The OP made it sound like a malicious extension that can - say - read your data on bitcoincharts.com (to somehow extend the user experience or whatever) could gain access to the blockchain.info password and send it home.

A good example might be adblock, which has to be able to access (read and manipulate) the content of all pages you visit and also needs to be able to use network connections for filter updates.

I can't find any extension-related security settings in chrome. Here's some info for devs: http://developer.chrome.com/extensions/contentSecurityPolicy.html.

Is anyone in the know and can save me some reading?

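An added example (mine, not code from the thread or from any extension it mentions) for the question above: given an extension's manifest, does its declared access cover a page such as blockchain.info? It implements the Chrome match-pattern grammar (scheme://host/path with "*" wildcards, plus "<all_urls>") and audits two constructed sample manifests, one scoped to a charts site and one that asks for every site.

```javascript
// Added example: audit which pages an extension's manifest lets it read.
// Chrome match patterns: scheme://host/path, "*" wildcards, special "<all_urls>".
function matchPatternToRegExp(pattern) {
  if (pattern === "<all_urls>") return /^(?:https?|ftp|file):\/\/.*$/;
  const m = /^(\*|https?|ftp|file):\/\/(\*|\*\.[^/*]+|[^/*]+)?(\/.*)$/.exec(pattern);
  if (!m) throw new Error("invalid match pattern: " + pattern);
  const [, scheme, host = "", path] = m;
  // Escape regex metacharacters except "*", which is turned into ".*" below.
  const esc = (s) => s.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  const schemeRe = scheme === "*" ? "https?" : scheme;   // "*" scheme = http or https only
  let hostRe;
  if (host === "*") hostRe = "[^/]*";                      // any host
  else if (host.startsWith("*.")) hostRe = "(?:[^/]*\\.)?" + esc(host.slice(2)); // domain + subdomains
  else hostRe = esc(host);                                 // exact host
  const pathRe = esc(path).replace(/\*/g, ".*");
  return new RegExp("^" + schemeRe + "://" + hostRe + pathRe + "$");
}

// Every pattern that grants page access: content_scripts.matches,
// host_permissions (manifest v3) and match-pattern entries in permissions (v2).
function pageAccessPatterns(manifest) {
  const out = [];
  for (const cs of manifest.content_scripts || []) out.push(...(cs.matches || []));
  for (const p of [...(manifest.host_permissions || []), ...(manifest.permissions || [])]) {
    if (p === "<all_urls>" || p.includes("://")) out.push(p);
  }
  return out;
}

// True if the extension can run a content script (and so read the DOM,
// password fields included) on the given URL. Fragments never take part in matching.
function canReadPage(manifest, url) {
  const target = url.split("#")[0];
  return pageAccessPatterns(manifest).some((p) => matchPatternToRegExp(p).test(target));
}

// Constructed sample manifests (not real extensions).
const chartsOnly = {
  manifest_version: 3,
  name: "charts helper (constructed sample)",
  content_scripts: [{ matches: ["*://*.bitcoincharts.com/*"], js: ["cs.js"] }],
};
const allSites = {
  manifest_version: 3,
  name: "adblock-like (constructed sample)",
  host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["<all_urls>"], js: ["cs.js"] }],
};
```

The scoped manifest cannot reach blockchain.info, while the all-sites one can; that difference is exactly what the browser's install-time permission prompt is telling the user.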