@@ -41,30 +41,35 @@ A practical explanation of how weak entropy can ruin your day - and your savings
- Why the silly "Milk Sad" name? Running `bx seed` on `3.x` versions with a system time of 0.0 always generates the following secret:
> milk sad wage cup reward umbrella raven visa give list decorate bulb gold raise twenty fly manual stand float super gentle climb fold park
-## When?
+### When?
The main theft occurred around 12 July 2023, although initial exploitation likely began at a smaller scale in May 2023.
A separate but similar vulnerability in another wallet software was detected in November 2022 and actively exploited shortly after, which may be the prequel to this story.
-## Who?
+### Who?
We did not identify who is behind the ongoing thefts from vulnerable wallets.
-## Type
+### Type
[CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)](https://cwe.mitre.org/data/definitions/338.html)
-## Vendor
+### Vendor
[Libbitcoin](https://github.com/libbitcoin)
-## Further Reading
+### Further Reading
-See our [technical writeup](/disclosure.html) and [FAQ](/faq.html).
+See our [technical writeup](/disclosure.html), [research updates](/updates.html) and [FAQ](/faq.html).
-[CVE-2023-31290](https://nvd.nist.gov/vuln/detail/CVE-2023-31290) was a similar vulnerability in [Trust Wallet](
+
+### Related Vulnerabilities
+
+Trust Wallet:
+- [CVE-2023-31290](https://nvd.nist.gov/vuln/detail/CVE-2023-31290) - [vendor advisory](
https://community.trustwallet.com/t/browser-extension-wasm-vulnerability-postmortem/750787
-), see [Ledger Donjon's technical writeup](https://blog.ledger.com/Funds-of-every-wallet-created-with-the-Trust-Wallet-browser-extension-could-have-been-stolen/
-).
+) and [Ledger Donjon's technical writeup](https://blog.ledger.com/Funds-of-every-wallet-created-with-the-Trust-Wallet-browser-extension-could-have-been-stolen/
+)
+- [CVE-2024-23660](https://nvd.nist.gov/vuln/detail/CVE-2024-23660) - SECBIT Labs' [technical disclosure writeup](https://secbit.io/blog/en/2024/01/19/trust-wallets-fomo3d-summer-vuln/)
## Contact
diff --git a/lookup.md b/lookup.md
index 5d0cfc7..1002f56 100644
--- a/lookup.md
+++ b/lookup.md
@@ -2,6 +2,7 @@
title: /lookup
layout: home
permalink: /lookup.html
+exclude: true
---
# Ride Closed 🚧