Bitcoin wallet Wasabi says its safe against massive Tor exploit

Wasabi relies on the Tor onion network. But it says its users aren’t affected by an exploit that let hackers hijack Bitcoin sent using Tor.

By Robert Stevens

2 min read

The privacy-first Bitcoin wallet, Wasabi, wants you to know that its services are safe against the massive Tor exploit unearthed earlier this week. 

A pseudonymous cyber-security researcher, “nusenu,” this week published a report explicating how Bitcoin-thieving hackers had infiltrated Tor, a web browser that pings your traffic across several nodes to obscure your identity.

Nusenu found that the hackers, at the peak of their campaign, controlled 24% of “exit relays”—the final node that traffic is bounced around before a user’s search request hits the Internet. 

The researcher said that hackers used this control to manipulate traffic and access unencrypted data; with control, they hijacked Bitcoin from wallets and specifically targeted Bitcoin mixing services.

 

Wasabi, one such Bitcoin mixer, uses Tor to keep Bitcoin transactions private. In response to much anxious chatter about the report, Wasabi yesterday published a blog post reassuring users that its service is “safe against this type of attack.” 

How? “It's simple: because Wasabi Wallet is a non-custodial privacy-focused Bitcoin wallet that implements trustless CoinJoin, there are no addresses sent to a server when sending money.” 

Here’s what that means:

CoinJoins are a form of Bitcoin “mixer”—funnel some Bitcoin through a CoinJoin and it’ll jumble your transaction up with any other Bitcoin sent to it by other people. This makes it difficult to trace the origin of your transaction.

Wasabi is a non-custodial wallet, meaning that its mixer doesn’t hold assets. So when sending money through Wasabi Wallet, the network doesn’t broadcast a signal that can be intercepted by a hacker. Instead, it broadcasts “signed transactions” using Tor onion nodes. 

But critically: these signals “never [leave] Tor onion network and [Wasabi] never uses Tor exit relays.” Since Wasabi’s traffic “stays inside the onion network … most Tor attacks are not possible if exit nodes are not involved.” 

Nusenu didn’t provide an indication of how much was stolen, if any, and said that the campaigns have slowed after they alerted several online Bitcoin wallets.

Get crypto news straight to your inbox--

sign up for the Decrypt Daily below. (It’s free).

Recommended News