Bitcoin Gold Tightens Wallet Security, Warns of Compromised Wallets
After the core wallet of Bitcoin Gold was attacked by doctored software and led to compromised addresses, the BTG team monitors the wallet situation more closely.
Bitcoin Gold had a rough start, first with an online wallet that stole private keys, and then with a compromised core wallet with a doctored file. The wallet, planted through an unknown break into the project's GitHub page, managed to create corrupted addresses where the hacker could access a copy of the private key.
The Bitcoin Gold team has listed the compromised addresses, hoping users would see them. We are copying the list in full:
Before that, the Bitcoin Gold team discovered the vulnerable wallets and emptied them into a custodial wallet. As of December, there are no data of compromised BTG wallets.
"After the Suspicious File incident that we reported on November 26th, our staff conducted a security audit, performed password rotations and 2FA reset for all accounts with access to critical facilities including (but not limited to) Github, and implemented strict security measures and protocols to greatly enhance safety and ensure this does not happen again," wrote the team.
A corrupted file created wallet addresses where the private keys could have been derived in a known way, hence making the wallets insecure.
What is a "Poisoned" Wallet Address:
While GitHub revealed the IP addresses through which the hacker planted the file, the lead did not link to the discovery of the person.
Users are urged to download the newest version of the core wallet with the right checksums, if they create a new wallet. Wallets created at the end of November 2017 were compromised. While the altered file does not pose other threats, users are urged to delete the wallet software to avoid further creation of unsafe addresses.
Please do keep in mind if you need normal support for any issue BTG related, email us at [email protected] thanks in advance.— Bitcoin Gold [BTG] (@bitcoingold) December 17, 2017
For funds taken in by the team at address GLGUbxkU5kFJ7wvvWkWKwYxGhUyVTYmUgF, BTG users are urged to contact the BTG team via social media channels and prove their funds have been moved.