Bitcoin Forum
April 17, 2014, 01:09:14 PM *
News: ♦♦ A bug in OpenSSL, used by Bitcoin-Qt/Bitcoin Core, could allow your bitcoins to be stolen. Immediately updating Bitcoin Core to 0.9.1 is required in some cases, especially if you're using 0.9.0. Download. More info.
The same bug also affected the forum. Changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2  All
  Print  
Author Topic: Bitmessage security breach?  (Read 12836 times)
geofflosophy
Full Member
***
Offline Offline

Activity: 182



View Profile

Ignore
August 21, 2013, 03:28:58 AM
 #1

I got the following message sent to three of my Bitmessage addresses tonight, two of which I've never given anyone:

Quote
Bitmessage has several potential security issues including a broken proof of work function and potential private key leaks.

 Full details:
 http://secupost.net/1189531455/bitmessage-security

The link doesn't seem to be working, does anyone know anything about this?
1397740154
Hero Member
*
Offline Offline

Posts: 1397740154

View Profile Personal Message (Offline)

Ignore
1397740154
Reply with quote  #2

1397740154
Report to moderator
1397740154
Hero Member
*
Offline Offline

Posts: 1397740154

View Profile Personal Message (Offline)

Ignore
1397740154
Reply with quote  #2

1397740154
Report to moderator
GAWMiners.com - FREE Hosting & Electricity for 1 Year!
Exclusive Offer Code: GAWHOST1
Mining Made Easy
For Everyone

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1397740154
Hero Member
*
Offline Offline

Posts: 1397740154

View Profile Personal Message (Offline)

Ignore
1397740154
Reply with quote  #2

1397740154
Report to moderator
1397740154
Hero Member
*
Offline Offline

Posts: 1397740154

View Profile Personal Message (Offline)

Ignore
1397740154
Reply with quote  #2

1397740154
Report to moderator
1397740154
Hero Member
*
Offline Offline

Posts: 1397740154

View Profile Personal Message (Offline)

Ignore
1397740154
Reply with quote  #2

1397740154
Report to moderator
1397740154
Hero Member
*
Offline Offline

Posts: 1397740154

View Profile Personal Message (Offline)

Ignore
1397740154
Reply with quote  #2

1397740154
Report to moderator
Rishodi
Member
**
Offline Offline

Activity: 71



View Profile WWW

Ignore
August 21, 2013, 03:53:20 AM
 #2

A friend of mine just reported that he received the exact same message to his only address, which he had shared with no one other than me.

I opened the link in a sandbox, only to see a HTTP 500 error.

Edit: I just received the same message to my own address, which I've used only twice, from address BM-2D8yr4fzoMzwndqPwLMVyzUcdfK9LWZXjY

1riSHoDiEJYugSYzfzrDrdLDmi4MaLYqK
geofflosophy
Full Member
***
Offline Offline

Activity: 182



View Profile

Ignore
August 21, 2013, 05:28:26 AM
 #3

I have now received it at all 8 of my addresses, only one of which I've ever given anyone. Maybe it's the NSA trying to link public keys to addresses when you open the link... Good thing I use a VPN.
favdesu
Full Member
***
Offline Offline

Activity: 168


No Pain, No Gain


View Profile WWW

Ignore
August 21, 2013, 05:33:36 AM
 #4

maybe it's just a message from the official bitmessage channel, to which you're subscribed by default? can't check it atm, but it may be possible

geofflosophy
Full Member
***
Offline Offline

Activity: 182



View Profile

Ignore
August 21, 2013, 05:41:12 AM
 #5

maybe it's just a message from the official bitmessage channel, to which you're subscribed by default? can't check it atm, but it may be possible

Address is BM-2D8yr4fzoMzwndqPwLMVyzUcdfK9LWZXjY; it's not the official channel I'm autosubscribed to.

Edit: I replied to the message letting the sender know that the link doesn't work and asking for more details. If he/she sent this message to every bitmessage address in the world, I'd imagine there will be many replies like this.
padre999
Newbie
*
Offline Offline

Activity: 21


View Profile

Ignore
August 21, 2013, 01:55:59 PM
 #6

Received one of those messages from the same sender as well, to an address of mine which I published only on Facebook to "my friends".

Each of the included links is unique as you probably noticed. So I guess this is actually a big orchestrated effort to somehow link BM addresses to IP numbers. Very odd.

I wonder where they get the addresses from, and if there is some malicious script on the linked site.

... just as I type, one of those messages arrived on another address of mine which I only shared via email to very few people...

ODD!!!
jackjack
Hero Member
*****
Offline Offline

Activity: 504


May Bitcoin be touched by his Noodly Appendage


View Profile

Ignore
August 21, 2013, 02:53:48 PM
 #7

Are you saying that these messages are sent to addresses that were never made public?
If so, it's either from bitmessage themselves or they've been hacked

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
geofflosophy
Full Member
***
Offline Offline

Activity: 182



View Profile

Ignore
August 21, 2013, 03:26:15 PM
 #8

Received one of those messages from the same sender as well, to an address of mine which I published only on Facebook to "my friends".

Each of the included links is unique as you probably noticed. So I guess this is actually a big orchestrated effort to somehow link BM addresses to IP numbers. Very odd.

I wonder where they get the addresses from, and if there is some malicious script on the linked site.

... just as I type, one of those messages arrived on another address of mine which I only shared via email to very few people...

ODD!!!

Yea, I did notice that as well, which is one of the reasons that thought about linking BM to IP occurred to me. I am pretty sure I only used the one I'd shared before to follow the link, but my IP is protected by a VPN anyway so they'd have nothing.

Quote
Are you saying that these messages are sent to addresses that were never made public?

Yes, I am saying that. But I'm not sure that your implications are correct. Like reading the blockchain, they may be able to find the public keys of every address on the network without trouble.
jackjack
Hero Member
*****
Offline Offline

Activity: 504


May Bitcoin be touched by his Noodly Appendage


View Profile

Ignore
August 21, 2013, 03:43:29 PM
 #9

Yes, I am saying that. But I'm not sure that your implications are correct. Like reading the blockchain, they may be able to find the public keys of every address on the network without trouble.
My knowledge about bitmessage is very close to 0, so you should be right
I thought never used address were impossible to find

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
padre999
Newbie
*
Offline Offline

Activity: 21


View Profile

Ignore
August 21, 2013, 04:17:05 PM
 #10

The developers seem to be aware of the situation:

https://bitmessage.org/forum/index.php/topic,2964.0.html
Darktongue
Sr. Member
****
Offline Offline

Activity: 350


Big or small she can take it all >:)


View Profile WWW

Ignore
August 21, 2013, 07:13:55 PM
 #11

Well this prompted me to check both my public abd private have been sent this message.  I can't help but throw my tin foil on.  Question is if by chance this is the goverment.  Why BM?:And further more. .. more as a funny.  Could this m be that they are still fuckin butthurt they can't crack PGP?


Block Erupter OC Services:  Escrow Ready - PM's welcome
geofflosophy
Full Member
***
Offline Offline

Activity: 182



View Profile

Ignore
August 22, 2013, 02:15:30 AM
 #12

Well this prompted me to check both my public abd private have been sent this message.  I can't help but throw my tin foil on.  Question is if by chance this is the goverment.  Why BM?:And further more. .. more as a funny.  Could this m be that they are still fuckin butthurt they can't crack PGP?



If it is the government, which is still obviously a big if, they might target BM because people see it as the most secure way to transact, especially knowing that tormail was cracked.
01BTC10
VIP
Hero Member
*
Offline Offline

Activity: 672


quebecbitcoin.com


View Profile WWW

Ignore
August 22, 2013, 02:20:17 AM
 #13

Found this: http://www.chronicles.no/2013/08/bitmessage-crackdown.html

favdesu
Full Member
***
Offline Offline

Activity: 168


No Pain, No Gain


View Profile WWW

Ignore
August 22, 2013, 05:03:44 AM
 #14

http://www.reddit.com/r/bitmessage/comments/1krss6/bitmessage_is_broken_i_am_receiving_messages_on/

Quote
People, do you follow URLs in spam e-mails?

Then why are you following a URL in a spam bitmessage?


Ente
Hero Member
*****
Offline Offline

Activity: 966



View Profile

Ignore
August 23, 2013, 03:12:47 PM
 #15

Here you find what happened:
http://www.chronicles.no/2013/08/bitmessage-crackdown.html

Tl;dr:
1) Guy extracted *all* BM adresses from a local file
2) Sent messages with unique IDs to every message
3) Records IP, useragent and whatnot on his server
4) Publish explanation and logs
5) ??

https://bitmessage.org/forum/index.php/topic,2964.0.html
Quote
When you generate an address the pubkeys are sent out. From these the address can be recreated.
Quote
All pubkeys for all addresses are published

Also, very much:
http://www.reddit.com/r/bitmessage/comments/1krss6/bitmessage_is_broken_i_am_receiving_messages_on/

Quote
People, do you follow URLs in spam e-mails?
Then why are you following a URL in a spam bitmessage?

Ente
niko
Hero Member
*****
Offline Offline

Activity: 742


There is more to Bitcoin than bitcoins.


View Profile

Ignore
August 26, 2013, 04:11:42 PM
 #16

Received the messages, noticed each had a unique ID as part of the link, so I never clicked on anything. Looks like an attempt to collect IPs of bitmessage users.

They're there, in their room.
Your mining rig is on fire, yet you're very calm.
niko
Hero Member
*****
Offline Offline

Activity: 742


There is more to Bitcoin than bitcoins.


View Profile

Ignore
August 26, 2013, 04:14:13 PM
 #17

http://pastebin.com/vH9z5pNm

Quote
This message is also available at http://secupost.net
 
Alright, the messages sent out a few days ago are starting to expire now. It's time for everyone to learn what the purpose of secupost.net is.
 
As many of you guessed, this is indeed a Bitmessage address to IP address mapper. Yes, the only thing that webserver would send was a 500 message.
 
It did alright too, gathering nearly 500 bitmessage users information after sending 15000 messages. Double what I expected.
 
I've included both a log of each address detected and the first thing to hit it including IP, reverse DNS and useragent as well as raw logs for every valid request. If you need to confirm this signature so you can verify messages from me when bitmessage is down, please see the bitmessage general chan for a copy from my bitmessage address.
 
So, future lessons:
- - - Yes, all bitmessage addresses are public and can be read from your messages.dat file using a small script.
- - - Don't click links. Even if it looks like a security-related site and uses some technical terms. I am not a nice person, I will publish any information I can gather about you and I don't care if you get lit on fire by terrorists because of it.
- - - Bitmessage does _not_ scale. It took me around 3.5 hours to send ~15k messages but it took the bitmessage network over 18 hours to fully propogate them.
 
Some of you were smart enough to use tor or VPN providers, but many of these are direct home or server IPs. The information below is more than enough for any government to come after you or any script kiddie to DDoS you. Be more careful next time.
 
Some of you tried to use scripts to claim addresses which weren't yours and skew the data, of course, you didn't even change your user-agent.
 
Even without accouting for that your attacks were ineffective because the IDs were generated in a non-linear fashion using a cropped HMAC-SHA256. To find your id:
 
def gen_mac(addr):
        mac = hmac.new("fuck you", addr, hashlib.sha256).digest()
        return unpack('>I', mac[0:4])[0]
 
This simple deterministic method means that you would have had to try... (2^32/15000)/2 = 143165 times on average just to get a single collision. Thanks for playing, but no luck this time.
 
This service has been operated completely anonymously thanks to Tor and Bitcoin. I hope you enjoy the result.
 
Robert White (BM-2D8yr4fzoMzwndqPwLMVyzUcdfK9LWZXjY)
 
BM-2DA3TCHz21eZ7ptJYV4y1ZjgWbM67DuwuW 172.249.2.119 cpe-172-249-2-119.socal.res.rr.com. "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D7wBdwEUB4WxyxtRnofy7xh3hswdeTbs6 212.227.66.33 et-0-nat-1.gw-nat-a.spb.muc.de.oneandone.net. "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D8EWs8RgMcDevKoBQTABeiVQHrfofNUTk 81.27.53.57 81-27-53-57.domolink.elcom.ru. "Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.16"
BM-GtojGUv6ibnhc45TdT8yri3q1wgaUQMY 141.105.4.147  "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-GtWLbsErzqpJ12hcimbNkdmSjx4uPBLi 183.93.115.208  "Mozilla/5.0 (X11; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D9zAMrTt9SatQmsnpwHKwgwYQWTftDouT 75.42.21.21 75-42-21-21.lightspeed.renonv.sbcglobal.net. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D92wxSMTiydW5i2v2LsuCGEU4RvyFx5xv 76.26.149.161 c-76-26-149-161.hsd1.dc.comcast.net. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-Gu9E1bH1AbquayZbM56jZ3oxQTBJNNh5 95.211.169.45 hosted-by.leaseweb.com. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2DAWJ3LkFLyPhQW9MZ9wPSNyAtvUsBzWnG 86.140.205.124 host86-140-205-124.range86-140.btcentralplus.com. "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/28.0.1500.71 Chrome/28.0.1500.71 Safari/537.36"
BM-GuJXmEFP5svk656Qcb2BhMxX7qxoXzDM 67.42.161.132 67-42-161-132.bois.qwest.net. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-GuBfb4KrhEUGF2MfdrqkAuTNeUBXa4ke 79.141.166.32  "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; InfoPath.1)"
BM-Gty5A4E2yeuWM2FkgnJGgagJ8aYXCz1F 216.105.250.50  "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
BM-2DBZScRMbpNB5xYsWwFsCTS1sm8CaKiq9L 216.18.239.210  "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"

etc. etc.

They're there, in their room.
Your mining rig is on fire, yet you're very calm.
jackjack
Hero Member
*****
Offline Offline

Activity: 504


May Bitcoin be touched by his Noodly Appendage


View Profile

Ignore
August 26, 2013, 04:39:48 PM
 #18

Wow
Consequences will never be the same

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
geofflosophy
Full Member
***
Offline Offline

Activity: 182



View Profile

Ignore
August 26, 2013, 08:19:42 PM
 #19

http://pastebin.com/vH9z5pNm

Quote
This message is also available at http://secupost.net
 
Alright, the messages sent out a few days ago are starting to expire now. It's time for everyone to learn what the purpose of secupost.net is.
 
As many of you guessed, this is indeed a Bitmessage address to IP address mapper. Yes, the only thing that webserver would send was a 500 message.
 
It did alright too, gathering nearly 500 bitmessage users information after sending 15000 messages. Double what I expected.
 
I've included both a log of each address detected and the first thing to hit it including IP, reverse DNS and useragent as well as raw logs for every valid request. If you need to confirm this signature so you can verify messages from me when bitmessage is down, please see the bitmessage general chan for a copy from my bitmessage address.
 
So, future lessons:
- - - Yes, all bitmessage addresses are public and can be read from your messages.dat file using a small script.
- - - Don't click links. Even if it looks like a security-related site and uses some technical terms. I am not a nice person, I will publish any information I can gather about you and I don't care if you get lit on fire by terrorists because of it.
- - - Bitmessage does _not_ scale. It took me around 3.5 hours to send ~15k messages but it took the bitmessage network over 18 hours to fully propogate them.
 
Some of you were smart enough to use tor or VPN providers, but many of these are direct home or server IPs. The information below is more than enough for any government to come after you or any script kiddie to DDoS you. Be more careful next time.
 
Some of you tried to use scripts to claim addresses which weren't yours and skew the data, of course, you didn't even change your user-agent.
 
Even without accouting for that your attacks were ineffective because the IDs were generated in a non-linear fashion using a cropped HMAC-SHA256. To find your id:
 
def gen_mac(addr):
        mac = hmac.new("fuck you", addr, hashlib.sha256).digest()
        return unpack('>I', mac[0:4])[0]
 
This simple deterministic method means that you would have had to try... (2^32/15000)/2 = 143165 times on average just to get a single collision. Thanks for playing, but no luck this time.
 
This service has been operated completely anonymously thanks to Tor and Bitcoin. I hope you enjoy the result.
 
Robert White (BM-2D8yr4fzoMzwndqPwLMVyzUcdfK9LWZXjY)
 
BM-2DA3TCHz21eZ7ptJYV4y1ZjgWbM67DuwuW 172.249.2.119 cpe-172-249-2-119.socal.res.rr.com. "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D7wBdwEUB4WxyxtRnofy7xh3hswdeTbs6 212.227.66.33 et-0-nat-1.gw-nat-a.spb.muc.de.oneandone.net. "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D8EWs8RgMcDevKoBQTABeiVQHrfofNUTk 81.27.53.57 81-27-53-57.domolink.elcom.ru. "Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.16"
BM-GtojGUv6ibnhc45TdT8yri3q1wgaUQMY 141.105.4.147  "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-GtWLbsErzqpJ12hcimbNkdmSjx4uPBLi 183.93.115.208  "Mozilla/5.0 (X11; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D9zAMrTt9SatQmsnpwHKwgwYQWTftDouT 75.42.21.21 75-42-21-21.lightspeed.renonv.sbcglobal.net. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2D92wxSMTiydW5i2v2LsuCGEU4RvyFx5xv 76.26.149.161 c-76-26-149-161.hsd1.dc.comcast.net. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-Gu9E1bH1AbquayZbM56jZ3oxQTBJNNh5 95.211.169.45 hosted-by.leaseweb.com. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-2DAWJ3LkFLyPhQW9MZ9wPSNyAtvUsBzWnG 86.140.205.124 host86-140-205-124.range86-140.btcentralplus.com. "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/28.0.1500.71 Chrome/28.0.1500.71 Safari/537.36"
BM-GuJXmEFP5svk656Qcb2BhMxX7qxoXzDM 67.42.161.132 67-42-161-132.bois.qwest.net. "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"
BM-GuBfb4KrhEUGF2MfdrqkAuTNeUBXa4ke 79.141.166.32  "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; InfoPath.1)"
BM-Gty5A4E2yeuWM2FkgnJGgagJ8aYXCz1F 216.105.250.50  "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.95 Safari/537.36"
BM-2DBZScRMbpNB5xYsWwFsCTS1sm8CaKiq9L 216.18.239.210  "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0"

etc. etc.

I can confirm that one of my BM addresses is on this list, but my VPN successfully protected my IP address. Will still consider that address publicly linked to this forum account though, as it doesn't look like there are too many other VPNs on there.
01BTC10
VIP
Hero Member
*
Offline Offline

Activity: 672


quebecbitcoin.com


View Profile WWW

Ignore
August 26, 2013, 10:50:21 PM
 #20

This address: BM-2DAxNoKvxLrSxRM9M19W1tu9mnAuwWrXMx was logged 21 times with various IP because the message was posted on the Internet. Right here: http://www.chronicles.no/2013/08/bitmessage-crackdown.html if my memory is right.

Pages: [1] 2  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!