A critical security vulnerability has been discovered in Android Bitcoin wallet apps that could leave users “vulnerable to theft”.
According to an official blog post at bitcoin.org, popular affected apps include – but are not limited to – Bitcoin Wallet, blockchain.info, Bitcoin Spinner, and Mycelium Wallet.
Bitcoin, for those who aren’t familiar with it, is a virtual digital currency (meaning it doesn’t exist physically in the real world, but can be used to purchase items online) that relies upon cryptography.
The problem appears to lie in a weakness in the way that Android phones and tablets generate the random numbers required for private keys, meaning that the key could be recoverable by someone else.
And if someone else can work out the private key to your Bitcoin wallet, that’s rather like knowing the PIN code for your bank account.
Affected users are being advised to keep a keen eye open for updates to their Android Bitcoin apps:
There are already reports that Bitcoins may have been stolen from compromised addresses.
Imagine if a weakness like this were found impacting those of us who use traditional real-life banks…