An exploit in Android makes every Bitcoin wallet app vulnerable to theft.
This vulnerability lays popular wallets like Bitcoin Wallet, blockchain.info wallet, BitcoinSpinner and Mycelium Wallet open to possible theft, though none have as yet been reported.
The problem lies with components which govern the way Android’s platform generates strings of secure random numbers.
Developers are encouraging anyone with an Android wallet to do “key rotation” on their account. That is, they should create a new wallet address with a random number generator, then resend all the money in their old wallet to the new one.
Updates are currently being created by the various app makers, according to a thread on Bitcointalk. Updates for Bitcoin Wallet, BitcoinSpinner and blockchain.info wallet have already been released.
Mt. Gox and other exchanges are not affected by the vulnerability, as the numbers governing those transactions are not generated on client mobile devices.
Pure, uncut internet. Straight to your inbox.