“BigSpender” Exploit in Some Bitcoin Wallets Allows Attackers to Fake Transactions


The team behind the ZenGo crypto-currency wallet found a design flaw in several competing Bitcoin wallets allowing attackers to trick the software by sending and undoing transactions via the Replace-By-Fee feature.

The vulnerability, named “BigSpender”, was discovered about three months ago as part of ZenGo’s security research. The team notified the affected providers and waited 90 days before disclosing the details publicly on June 1st. Ledger Live, BRD, and Edge were among the affected wallets.

The BigSpender flaw allows an attacker to send a Bitcoin transaction with a minimal fee and then, before that transaction is confirmed, replace it with a higher-fee transaction that sends the same coins to a different address.

The problem is that some wallets would immediately assume that the transaction is good and add its sum to the user’s apparent balance, while in reality, the funds went elsewhere. As a result, an attacker can trick somebody like an online vendor into sending them some goods without actually paying. Another harmful outcome of such an attack is that the resulting fake balance confuses the wallet software, potentially preventing users from transferring some or all of their real assets.

“The core issue at the heart of the BigSpender vulnerability is that vulnerable wallets are not prepared for the option that a transaction might be canceled and implicitly assume it will get confirmed eventually,” ZenGo’s post reads.

BigSpender attacks exploit a standard Bitcoin feature called Replace-By-Fee (RBF). Roughly speaking, this feature lets users add fees to a pending transaction so that it becomes more attractive to miners and is processed sooner. Without RBF, a transaction offering too small a fee may remain unconfirmed.

Normally, the initial low-fee transaction is discarded and the new higher-fee transaction spending the same funds takes its place. Since the initial transaction was never confirmed, the second transaction is perfectly valid and no double-spending takes place. Because of the BigSpender flaw, a vulnerable wallet credits this first unconfirmed transaction to the balance and does not roll the credit back when the transaction is “undone” via RBF.
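As an added illustration (not code from ZenGo, Ledger, BRD or Edge), the following Python model contrasts a wallet that credits every unconfirmed incoming transaction and never reverses it with a hardened variant that remembers which outpoints back each pending credit and drops the credit the moment a conflicting transaction, such as an RBF replacement, is seen. Transaction ids, addresses and amounts are constructed for the scenario.

```python
from dataclasses import dataclass

@dataclass
class Tx:
    txid: str
    inputs: frozenset   # outpoints ("txid:vout") this transaction spends
    outputs: dict       # address -> amount in satoshis

class VulnerableWallet:
    """Credits every unconfirmed incoming tx at once and never reverses it."""
    def __init__(self, address):
        self.address = address
        self.confirmed = 0   # satoshis from confirmed transactions
        self.pending = {}    # txid -> satoshis credited while still unconfirmed
    def on_mempool_tx(self, tx):
        amt = tx.outputs.get(self.address, 0)
        if amt: self.pending[tx.txid] = amt
    def on_confirmed(self, tx):
        self.pending.pop(tx.txid, None)
        self.confirmed += tx.outputs.get(self.address, 0)
    def balance(self):
        return self.confirmed + sum(self.pending.values())

class HardenedWallet(VulnerableWallet):
    """Remembers the outpoints behind each pending credit and uncredits it as soon as
    any conflicting transaction (e.g. an RBF replacement) is seen, in mempool or mined."""
    def __init__(self, address):
        super().__init__(address)
        self.pending_inputs = {}   # txid -> frozenset of outpoints
    def _drop_conflicts(self, tx):
        for old in [t for t, ins in self.pending_inputs.items() if ins & tx.inputs]:
            self.pending.pop(old, None)
            self.pending_inputs.pop(old, None)
    def on_mempool_tx(self, tx):
        self._drop_conflicts(tx)
        super().on_mempool_tx(tx)
        if tx.txid in self.pending: self.pending_inputs[tx.txid] = tx.inputs
    def on_confirmed(self, tx):
        self._drop_conflicts(tx)
        super().on_confirmed(tx)

def simulate(wallet_cls):
    # Constructed scenario: low-fee tx1 pays the merchant; higher-fee tx2 re-spends its input elsewhere and is mined.
    w = wallet_cls("merchant")
    tx1 = Tx("tx1", frozenset({"prev:0"}), {"merchant": 100_000, "change": 890_000})
    tx2 = Tx("tx2", frozenset({"prev:0"}), {"elsewhere": 980_000})
    w.on_mempool_tx(tx1)
    w.on_mempool_tx(tx2)
    w.on_confirmed(tx2)
    return w.balance()
```

The vulnerable model still reports the 100,000 satoshis it never received, while the hardened model drops the credit once tx2 conflicts with tx1; shipping goods only against `confirmed` funds closes the gap entirely.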

According to ZenGo, Ledger Live and BRD have fixed the problem in versions 2.7.0 and 4.3 respectively, and both awarded ZenGo’s researchers a bug bounty. Edge reportedly has not released a patch yet but plans to fix the issue later.

“[Y]our crypto, recovery phrase, private keys, PIN code, etc. are not at risk. No one can access your crypto without your consent. This method purely relies on trying to trick you, much like traditional crypto scams do. Another good news is that we never had reports of anyone being tricked by this method,” Ledger stated in a blog post regarding the BigSpender issue.

In conversation with Decrypt, Ledger’s chief technology officer Charles Guillemet noted that the company’s hardware wallets weren’t affected by the flaw.

Importantly, BigSpender is not a vulnerability in Bitcoin itself, but rather a quirk of the way certain applications interpret and present transaction information to users. Although it does not let bad actors steal users’ coins or access their data, the flaw could be instrumental in scamming users or in harassing particular wallets by repeatedly sending fake transactions.

As pointed out in ZenGo’s report, all three of the affected wallets can be reset so that they show the true balance and operate normally. Ledger users can fix things by clearing the cache, and Edge users by pressing “Resync” in the wallet options. For BRD users, recovery is more complicated: it requires taking the wallet seed to another application that supports BRD’s non-standard derivation path for deriving key pairs from a seed.

As a general guideline, users are advised to always check incoming transactions by means other than their wallet’s history alone. To help fellow wallet developers tweak their products, ZenGo shared their research tool made specifically for BigSpender.
