Wednesday, May 18, 2011

Security of Bitcoin websites

Bitcoins are a (relatively) new digital currency. Their closest real-world analogue is to cash, since there is no central authority that manages them. Transaction fees within the system are also very very small, less than 0.1% if even that much.

I'm not an expert, but here's a quick primer: you can send coins in your wallet to a valid address, and this transaction is validated by a peer-to-peer network. Addresses can be created at will. Coins are validated via their history, so you can see the addresses of previous transactions involving those coins. For example, I just made up the address 15NhuaukwoUoHWRJijfdrb4iiz6D61mCds; you can see the history of that address here, which is blank right now. (If you give me bitcoins at that address, there is a "receipt" right there. See, bitcoins makes begging on-line seem cool again, just like it was ten years ago.)

Bitcoin's online use also makes a brand-new target for thieves. Instead of breaking into your computer to try and sniff your passwords or selling you off to a zombie net, hackers could directly steal value stored there.

This also applies to websites that handle bitcoins. There is no central body so there is no such thing as PCI Compliance. But websites that allow bitcoins to be transferred to other addresses need to take security very seriously, as if they were handling credit card information or actual cash like a bank.

(Websites that receive payments via Bitcoin do not need to worry as much, but they still should use best practices.)

One example is Mt Gox, a site that facilitates the exchange of different currencies, including US Dollars and Bitcoins. EvilPacket demonstrated a XSS and CSRF attack against the site, which has since been fixed.

One of the more popular source of coins these days are "mining pools," in which lots of people work together to help the peer-to-peer network validate transactions, and are occasionally rewarded with new bitcoins. All these sites have web interfaces. I gave a peek to see if they were vulnerable to some simple attacks.

BTCMine, slush's pool, and MtRed were all safe. (MtRed claims to have fixed a CSRF problem, but if so then it was definitely before I looked, and it seems like it was built right into their framework automatically.)

I incorrectly thought that DeepBit was vulnerable, but the admin pointed out that he already had defenses in place, and when I checked my notes, it turns out he was right all along. Good show there (plus they require email confirmation for changing their destination address).

Bitcoin Pool was vulnerable when I checked. I could change my receiving address blindly, which means it was ripe for a CSRF attack. I dropped an admin a private message in their forum, and didn't get a response. But they seem to have taken action anyway. If you go to now, it fails unless you are using a referrer from their own domain.


As users, the big piece of advice: log out of any website that lets you transmit bitcoins. Log in to those sites only one at a time, and with a separate browser (or even a browser within a VM if you have sufficient amounts of money in play).

As website developers, you need to build secure sites. That's a whole different article.

As a network... well, that's interesting. If one were to perform a widespread theft like this, actions could still be taken against the thieves.

Although you may hear people describe bitcoins as anonymous, the better word is pseudonymous. You can make arbitrary account numbers and receive payment at them, but their use can still be tracked. A theft of a sufficient number of coins would attract the attention of the FBI or similar organization.

At some point, just like with US Dollars, the holders of stolen Bitcoins will want to redeem them for goods or services. Even if they bounce the stolen Bitcoins through thousands of addresses, those can be tracked, since the entire nature of the network is that it is transparent. Eventually a vendor of something physical will acquire some of these coins and be able to provide authorities with some kind of address for the crooks.

Fencing stolen coins is still possible, but actually harder than it would be with, say, a briefcase full of greenbacks.