Thursday, March 20, 2014

[ihsxwjtj] Bitcoin diversion

Attack a software (and hardware) stack such that whenever an address of a potential payment recipient would have been displayed or used, the address of a malicious adversary seeking to divert the payment is substituted.  The bug detects strings and QR codes which look like addresses.

A thousand points of attack: web browser, OS copy and paste, LCD panel firmware, camera firmware (for reading QR codes), QR code generation software, printer firmware (substitute a different address when one is printed onto paper).

One could subtly implement MITM by forwarding most payments to the original recipient, skimming perhaps only occasionally.

No comments :