logo
  • menu
  • Markets
  • ETFs
  • Live
  • Spot
  • Futures
  • Bots
  • Learn
  • Sign In
  • Sign Up
  • Downloads
  • English
  • |
  • USD
  • |
Sign Up
Crypto PricesLearnLatest NewsDownloadsMarketsSpotAnnouncements
Home/
Latest News/
Markets

BitGo Patches Critical Vulnerability First Discovered by Fireblocks

By Cornell Rachel
Mar 20, 2023
4 
★
★
★
★
★
★
★
★
★
★
 62 User Rating
Share

Cryptocurrency wallet BitGo has patched a critical vulnerability that could have exposed the private keys of retail and institutional users.

The cryptography research team Fireblocks discovered the vulnerability and notified the BitGo team in December 2022. The vulnerability is related to the BitGo Threshold Signature Scheme (TSS) wallet, potentially exposing the private keys of exchanges, banks, businesses, and users of the platform.

The Fireblocks team named the vulnerability the BitGo Zero Proof Vulnerability, which allows potential attackers to extract private keys in under a minute using a small amount of JavaScript code. BitGo suspended the vulnerable service on December 10 and issued a patch in February 2023, requiring clients to update to the latest version by March 17. The Fireblocks team outlined how it identified vulnerabilities using free BitGo accounts on mainnet. Part of the mandatory zero-knowledge proofs missing from BitGo's ECDSA TSS wallet protocol allowed the team to expose private keys through a simple attack.

Industry-standard enterprise-grade cryptoasset platforms utilize multi-party computation (MPC/TSS) or multi-signature technology to eliminate the possibility of a single point of attack. This is done by distributing private keys among multiple parties to ensure security controls should one party be compromised. Fireblocks was able to demonstrate two possible ways that an internal or external attacker could gain access to the full private key.

Infected client users can initiate transactions to obtain some of the private keys held in the BitGo system. BitGo will then perform signature calculations before sharing information that leaks BitGo key fragments. "An attacker can now reconstruct the full private key, load it into an external wallet, and withdraw funds immediately or at a later time."

The second case is considered an attack if BitGo is compromised. An attacker would wait for a client to initiate a transaction before replying with a malicious value. This is then used to sign transactions with the client's key shard. An attacker can use the response to reveal the user's key shard, which can then be combined with BitGo's key shard to take control of the wallet.

Fireblocks noted that the identified vectors have not yet carried out any attacks, but warned users to consider creating new wallets and transferring funds from ECDSA TSS BitGo wallets before installing the patch. Hacking wallets has become commonplace across the cryptocurrency industry in recent years. In August 2022, over $8 million was lost from over 7,000 Solana-based Slope wallets. Algorand web wallet service MyAlgo was also the target of a wallet hack, resulting in the loss of more than $9 million from various high-profile wallets.

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of BitKan. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. BitKan shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. Products mentioned in this article may not be available in your region.

Related News

  • USDC Dominates Tether USDT in Stablecoin Volume Race

    USDC Dominates Tether USDT in Stablecoin Volume Race

    Circle's USD Coin (USDC) secured a 70% share of adjusted onchain transaction volume during the opening six months of 2026.
    Martha Grizzard
    Jul 7, 2026
  • Ether Leads Crypto Jump; Bitcoin Holds Firm Above $63K

    Ether Leads Crypto Jump; Bitcoin Holds Firm Above $63K

    Digital assets entered Monday, July 6, 2026, on a strong trajectory, reversing performance trends from the previous month.
    Wayne Ingram
    Jul 6, 2026
  • Circle Shares Plunge 17% as Rivals Launch Open USD Network

    Circle Shares Plunge 17% as Rivals Launch Open USD Network

    Circle Internet Group (CRCL) shares declined by more than 17% on Tuesday, June 30, 2026, following the announcement of a new stablecoin network, Open USD, which threatens the established market dominance of USDC.
    Martha Grizzard
    Jul 1, 2026

Latest News

Industry

Cryptocurrency

Airdrop

Markets

  • New SEC Crypto Rule to Cut Red Tape for Startup Fundraising

    New SEC Crypto Rule to Cut Red Tape for Startup Fundraising

    The U.S. Securities and Exchange Commission plans to introduce a major regulatory framework this month to simplify capital formation and reduce operational hurdles for cryptocurrency businesses.
    Martha Grizzard
    Jul 8, 2026
  • White House Admits Federal Bitcoin Fund is Still Delayed

    White House Admits Federal Bitcoin Fund is Still Delayed

    The establishment of the Strategic Bitcoin Reserve has run into severe internal friction regarding which cabinet-level agency holds authority over the asset.
    Martha Grizzard
    Jul 7, 2026
  • Senate Test for Clarity Act Could Spark Crypto Market Volatility

    Senate Test for Clarity Act Could Spark Crypto Market Volatility

    As the U.S. Senate approaches a critical vote on the Digital Asset Market Clarity Act, investment bank Jefferies has cautioned investors that the legislative process will likely trigger heightened volatility across crypto markets.
    Jerry McNeill
    Jul 1, 2026
  • SBI’s $289M Bitbank Deal Signals Japan Crypto Consolidation

    SBI’s $289M Bitbank Deal Signals Japan Crypto Consolidation

    SBI Holdings has solidified its domestic dominance by agreeing to acquire all shares of Bitbank in a transaction valued at ¥46.7 billion ($289 million), according to the company’s official disclosure.
    Cornell Rachel
    Jun 29, 2026
  • Invesco Files for Tokenized Fund to Back Stablecoin Reserves

    Invesco Files for Tokenized Fund to Back Stablecoin Reserves

    Invesco has officially filed with the U.S. Securities and Exchange Commission (SEC) to launch the Invesco Stablecoin Reserves Onchain Fund, a new vehicle designed to offer stablecoin issuers a compliant way to manage their collateral.
    Martha Grizzard
    Jun 26, 2026
View more data 
BTCBTC(BTC)
$0
--(Last 24h)
SpotFutures

Top

View more
  1. 1S&P 500 Reclaims 200-Day Moving Average, Bitcoin Gains
  2. 2Trump Softens His Stance on Reciprocal Tariffs, US Stocks and Crypto Markets Rise
  3. 3Vitalik Buterin : The current price of ETH has not been affected by the merger event
  4. 4Vibhu Norby : Solana Spaces store to bring 100K people to Solana per month
  5. 5CZ: compared with the record high nine months ago, the current situation of the industry is much better

Top Gainers

View more
Jotchua
JotchuaJOTCHUA

$0.005809

+69.01%
BUILDon
BUILDonB

$0.2324

+44.61%
Vulcan Forged
Vulcan ForgedPYR

$0.1800

+40.62%
Cash Cat
Cash CatCASHCAT

$0.1668

+26.72%
Audiera
AudieraBEAT

$2.7472

+22.50%

Top Trending

View more
Sui Network
Sui NetworkSUI

$0.7386

+1.89%
Circle
CircleCRCL

$66.8400

+4.47%
SK Hynix Inc
SK Hynix IncSKHYNIX

$1,478.71

-0.36%
Hyperliquid
HyperliquidHYPE

$67.3380

-1.43%
SKALE Network
SKALE NetworkSKL

$0.004900

+6.06%

Recently added

View more
Cash Cat
Cash CatCASHCAT

$0.1668

+26.72%
Cerebras
CerebrasCBRSB

$216.940

+7.09%
Invesco QQQ Trust
Invesco QQQ TrustQQQB

$727.190

+0.52%
Palantir
PalantirPLTRB

$126.870

-1.49%
Nebius
NebiusNBISB

$220.990

+1.70%

Learn

View more
  1. 1What Is Cross-Chain Interoperability? How Does It Function?
  2. 2What is OUSD? How Does Open USD Work for Digital Payments?
  3. 3What Are Keyloggers? How Do They Drain Your Crypto?
  4. 4What is Maximal Extractable Value in crypto? How Do We Avoid MEV?
  5. 5Crypto Trading Bots: What Are They and How Do They Work?
About Us
  • About BitKan
  • Contact Us
  • Announcements
  • VIP Program
  • BitKan Ambassador
  • Institutional Services
Products
  • Spot
  • Futures
  • Crypto Prices
  • Learn
  • News
  • Markets
  • How to Buy Crypto
  • BTC to USD Calculator
  • Reward
Help
  • Help Center
  • Email Us
  • Live Chat
  • Download APP
  • Listing Application
  • Buy Bitcoin
  • Buy Ethereum
  • Buy Dogecoin
  • Buy Altcoins
Terms
  • Terms of Use
  • Privacy Policy
  • Trading Rules
  • Fee
K-Site
English
About Us
+
  • About BitKan
  • Contact Us
  • Announcements
  • VIP Program
  • BitKan Ambassador
  • Institutional Services
Products
+
  • Spot
  • Futures
  • Crypto Prices
  • Learn
  • News
  • Markets
  • How to Buy Crypto
  • BTC to USD Calculator
  • Reward
Help
+
  • Help Center
  • Email Us
  • Live Chat
  • Download APP
  • Listing Application
  • Buy Bitcoin
  • Buy Ethereum
  • Buy Dogecoin
  • Buy Altcoins
Terms
+
  • Terms of Use
  • Privacy Policy
  • Trading Rules
  • Fee
K-Site
+
  • Twitter
  • Facebook
  • Telegram
  • YouTube
  • Instagram
  • Medium
  • Linkedin
@2012-2026 BITKAN.com