Israeli researchers from the portfolio startup ZenGeo have discovered a vulnerability affecting at least three main crypto portfolios – Ledger Live, Edge and Breadwallet. The flaw allows hackers to spend Bitcoin more than once, Coindesk report, Ed.
The bug, which the Tel Aviv-based company calls BigSpender, allows a hacker to spend a user’s funds twice and possibly prevent them from reusing their wallet. It works by exploiting the way certain portfolios manage Bitcoin’s Fee Replacement (RBF), built-in security that allows users to exchange an unconfirmed transaction with one that has higher fees. “[BigSpender] may result in substantial financial loss and, in some cases, make the victim’s wallet completely unusable, with no means for the victim to protect themselves, “ ZenGo CEO Ouriel Ohayon said in an email. “So this can be seen as a high severity attack. “
Check it out: A double spending flaw found in major Bitcoin wallets