Bitcoin is a form of digital currency that is supposed to provide a secure and private alternative to conventional money.
Researchers at the University of Edinburgh in the UK carried out an in-depth security analysis of the communications system used in popular models of Bitcoin wallet.
They created a simple harmful software, or malware, which was able to intercept messages sent between hardware wallets and computers – where users manage their Bitcoin accounts.
The tests revealed that users’ privacy is not protected.
They also showed how easy it is to access Bitcoin funds managed by such devices and divert them into a different account.
Based on the findings published in the journal Information Security, researchers proposed a fix for improving the security of such systems. This would encrypt particular messages sent between Bitcoin wallets and computers, making them much more secure.
Their fix could be incorporated into all models of Bitcoin hardware wallet to offer better protection against hacks, researchers said.
“A wallet should protect not only our money, but also our privacy. It was surprising to discover how easy it is to access a user’s funds, even when sophisticated hardware is incorporated,” said Andriana Gkaniatsou from the University of Edinburgh in the UK.
“Unfortunately, there is no silver bullet when it comes to protecting financial digital assets – we need to ensure that all components of the system are equally protected and interact in a secure way,” said Gkaniatsou, who led the study.