The Recently Discovered Cloudflare Bug Could Affect Bitcoin Users.
On February 17 an individual discovered a bug in the infrastructure of Cloudflare, a company that many bitcoin companies use for DoS protection and other services. The bug is considered severe, and security credentials for many bitcoin accounts should be changed.
The Cloudflare system has been leaking significant amounts of uninitialized memory that could contain sensitive data, including two-factor authentication (2FA) secrets and passwords. According to many reports, including that of the person who found the bug, this may have been happening for months, and the leaked data may have been sprayed onto the open web, where crawlers and caches could have picked it up.
The leak could lead to people’s accounts being compromised on many bitcoin websites and services. Bitcoin websites that could be affected include Coinbase, Localbitcoins, Poloniex, Kraken, Bitfinex, Bittrex, Bitstamp, Reddit, and many more. Many people in the bitcoin community are warning others to reset their 2FA and change their passwords immediately. Alongside this, bitcoin companies that may have been affected are also warning customers to take the necessary precautions.
“A bug was recently discovered with Cloudflare, which Kraken and many other websites use for DoS protection and other services,” says the San Francisco-based bitcoin exchange. “Due to the nature of the bug, we recommend as a precaution that you change your Kraken security credentials: change your password; change your two-factor authentication (remove and re-enable it); clients who use API keys should generate a new set of keys. You should similarly change your security credentials for other websites that use Cloudflare.”
The Cloudflare issue is very reminiscent of the Linode attacks in 2012 and the Heartbleed vulnerability in the spring of 2014. Whether or not Cloudflare’s leak got into malicious hands is undetermined, but Bitcoiners on forums are shaken up. The uninitialized memory leaked by the Cloudflare service includes data such as cookies, HTTP content, passwords, and TLS certificates. The person who discovered the bug says:
“Cloudflare reverse proxies are dumping uninitialized memory.” Taviso also adds: “It took every ounce of strength not to call this issue ‘Cloudbleed’.”
“I don’t know if this issue was noticed and exploited, but I’m sure other crawlers have collected data and that users have saved or cached content and don’t realize what they have,” Taviso writes on the scope of the damage. “We’ve discovered (and purged) cached pages that contain private messages from well-known services, PII from major sites that use cloudflare, and even plaintext API requests from a popular password manager that were sent over https (!!).”
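As an added illustration that is not from this article, from Cloudflare, or from Taviso’s report, the constructed C program below shows the bug class described above: a proxy that reuses one response buffer across clients and trusts a length it never bounds against what it actually produced, so stale bytes from a previous client’s response (here a constructed session cookie) are sent to the next client. A hardened version beside it emits only the bytes it produced and scrubs the buffer after each response, which is why no cookie, password or API request from one user can surface in another user’s page. All function names, the buffer size and the sample data are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed example (not Cloudflare's code): one response buffer shared
 * across clients, as a busy proxy process might reuse it. */
#define BUF_SIZE 64
static char shared_buf[BUF_SIZE];

/* A response produced for one client. claimed_len is a length the proxy
 * trusts (e.g. taken from a header) that may exceed the body it wrote. */
struct response {
    const char *body;
    size_t claimed_len;
};

/* Vulnerable: copies claimed_len bytes out of the shared buffer even when
 * the current body filled fewer of them. The remainder is stale memory from
 * whoever used the buffer last. Returns the number of bytes written to out. */
size_t serve_vulnerable(const struct response *r, char *out, size_t out_cap)
{
    size_t body_len = strlen(r->body);
    if (body_len > BUF_SIZE) body_len = BUF_SIZE;
    memcpy(shared_buf, r->body, body_len);   /* only body_len bytes are fresh */
    size_t n = r->claimed_len;
    if (n > BUF_SIZE) n = BUF_SIZE;
    if (n > out_cap) n = out_cap;
    memcpy(out, shared_buf, n);              /* BUG: n may exceed body_len */
    return n;
}

/* Hardened: emit only the bytes this response actually produced, ignoring
 * the claimed length, and clear the buffer so nothing from a previous
 * client can be re-sent even if a later bug over-reads it. */
size_t serve_fixed(const struct response *r, char *out, size_t out_cap)
{
    size_t body_len = strlen(r->body);
    if (body_len > BUF_SIZE) body_len = BUF_SIZE;
    memcpy(shared_buf, r->body, body_len);
    size_t n = body_len < out_cap ? body_len : out_cap;
    memcpy(out, shared_buf, n);
    memset(shared_buf, 0, BUF_SIZE);         /* scrub after use */
    return n;
}

/* Returns 1 if secret appears anywhere in out[0..n), else 0. */
int leaks_secret(const char *out, size_t n, const char *secret)
{
    size_t slen = strlen(secret);
    if (slen == 0 || slen > n) return 0;
    for (size_t i = 0; i + slen <= n; i++)
        if (memcmp(out + i, secret, slen) == 0) return 1;
    return 0;
}

/* Scenario: client A receives a constructed session cookie; client B then
 * receives a two-byte body but with a claimed length of 40. Returns 1 if
 * client B's output contains client A's cookie. */
static const char *SECRET = "SECRET-COOKIE-1234";

int demo_vulnerable(void)
{
    struct response a = { "Set-Cookie: session=SECRET-COOKIE-1234", 38 };
    struct response b = { "OK", 40 };
    char out_a[BUF_SIZE], out_b[BUF_SIZE];
    serve_vulnerable(&a, out_a, sizeof out_a);
    size_t n = serve_vulnerable(&b, out_b, sizeof out_b);
    return leaks_secret(out_b, n, SECRET);   /* 1: cookie leaked to B */
}

int demo_fixed(void)
{
    struct response a = { "Set-Cookie: session=SECRET-COOKIE-1234", 38 };
    struct response b = { "OK", 40 };
    char out_a[BUF_SIZE], out_b[BUF_SIZE];
    serve_fixed(&a, out_a, sizeof out_a);
    size_t n = serve_fixed(&b, out_b, sizeof out_b);
    return leaks_secret(out_b, n, SECRET);   /* 0: B gets only "OK" */
}

int main(void)
{
    printf("vulnerable proxy leaks previous client's cookie: %d\n", demo_vulnerable());
    printf("hardened proxy leaks previous client's cookie:   %d\n", demo_fixed());
    return 0;
}
```

The point for defenders is that the leak is not tied to any one site’s weakness: the data of whichever client last used the buffer is what escapes, which is why the advice across the affected exchanges is to rotate passwords, re-enroll 2FA and regenerate API keys rather than to wait for evidence that a specific account was exposed.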
Disclaimer: InfoCoin is not affiliated with any of the companies mentioned in this article and is not responsible for their products and/or services. This press release is for informational purposes only. The information does not constitute investment advice or an offer to invest.