data/LCG16807_MINSTD_RAND0__trez...
Christian Reitter b7e8920b75 Update MT19937 2a range, organize files 2025-07-16 17:21:32 +02:00
..
BIP39 Update MT19937 2a range, organize files 2025-07-16 17:21:32 +02:00
direct Publish new research data on direct PRNG to secp256k1 key usage 2025-01-14 22:12:17 +01:00
README.md Update MT19937 2a range, organize files 2025-07-16 17:21:32 +02:00

README.md

Description

Vulnerable wallet range of Trust Wallet on iOS with CVE-2024-23660.

See https://milksad.info/posts/research-update-5/ for details.

Anomaly

One used wallet in the "B" range is also present in the "A" range, and therefore its addresses are in both victim lists.

This is an anomaly of the PRNG behavior, which generates a very simple entropy output (consisting of just all binary zeros) at a certain PRNG index. The output happens to be identical with a well-known BIP39 example mnemonic, explaining its usage. In other words, this weak wallet is not unique to this specific weak range.

PRNG seed id Mnemonic
2147483647 abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about

Associated addresses:

1KBdbBJRVYffWHWWZ1moECfdVBSEnDpLHi
bc1qzmtrqsfuaf6l6kkcsseumq26ukaphfj9skkug6