The problem lies in a component of Android responsible for generating secure random numbers, which has been found to contain a critical weakness. Given that the problem lies with Android itself, it could affect you if you have a wallet generated by any Android app. Such affected apps include Bitcoin Wallet, blockchain.info wallet, BitcoinSpinner and Mycelium Wallet.
Updates have already been issued for BitCoin Wallet (v3.15), BitcoinSpinner (0.8.3b), Mycelium Bitcoin Wallet (0.7.0) and blockchain.info (3.54).
"In order to re-secure existing wallets, key rotation is necessary. This involves generating a new address with a repaired random number generator and then sending all the money in your wallet back to yourself," a Bitcoin security advisory suggests.
"If you use an Android wallet then we strongly recommend you to upgrade to the latest version available in the Play Store as soon as one becomes available. Once your wallet is rotated, you will need to contact anyone who has stored addresses generated by your phone and give them a new one."
Written by: James Delahunty @ 13 Aug 2013 14:55
