Android security flaw leaves Bitcoin wallets 'vulnerable'

Bitcoin wallets are said to be vulnerable to theft thanks to a security flaw in a component of the operating system.

According to developers at Bitcoin, the Android SecureRandom class has several ‘severe bugs’ that make it useless for cryptographic purposes.

Several wallets including Bitcoin Wallet, BitcoinSpinner, Mycelium Wallet and blockchain.info are now developing updates to deal with the flaw.

Bitcoin said in a statement that in order to re-secure existing wallets, key rotation is necessary.

"This involves generating a new address with a repaired random number generator and then sending all the money in your wallet back to yourself," Bitcoin said.

"If you use an Android wallet then we strongly recommend you to upgrade to the latest version available in the Play Store as soon as one becomes available.

"Once your wallet is rotated, you will need to contact anyone who has stored addresses generated by your phone and give them a new one.

The patch up would involve generating a new address with a repaired random number generator, with users being allowed to send the money in their current wallet to the new one.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing