BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

Popular paper wallet app falls prey to mysterious vulnerability

A deadly vulnerability in WalletGenerator, a service that generates printable private and public keys for storing cryptocurrencies, could affect users who have put funds in wallets generated by the site after August 17, 2018.

- Advertisement -

Analysts at MyCrypto found today that WalletGenerator’s capacity to truly “randomize” public and private keys (keypairs)—an essential part of ensuring that the funds are cryptographically secure and unhackable—has been contaminated. Instead of being generated randomly, they are instead being spawned from a single, static data source; an image rendered on the WalletGenerator website itself.

This means that keypairs can be easily reproduced by a bad actor with access to the image data. “It illustrates fully that the randomness is not random,” said Harry Denley, MyCrypto’s director of security, in an interview.

He described the bug as “brilliant” for its ability to remain undetected. “Usually with malicious key generators, they send the generated secrets back to their server once the user has generated them,” he said. This one leaves the secrets with the user, leaving its methods untraceable.

In other words, only the person with access to the images—whoever is behind the WalletGenerator website—can reproduce the keypairs.

- Advertisement -

Denley, in a Medium post, added that the bugs had been mysteriously removed after he reached out to the site’s operator on May 22. The vulnerability was originally caused by “changes to the code” apparently introduced in August last year, and the changes are preserved in the Wayback Machine.

“In this strange turn of events, we still have no idea whether the current site owner is the malicious party, if the server is insecure, or both,” Denley wrote in the Medium post.

For the afflicted? Denley advises users to immediately “create a new keypair / wallet and move your funds to that new, secure address.” MyCrypto also recommends sending funds to BitAddress, an offline cold-wallet service.

WalletGenerator appears fairly popular, and racks up some 140,000 monthly users according to SimilarWeb. Its service allows users to download a—supposedly—randomized keypair onto a paper wallet, which they can then print and store offline.  

We were unable to reach WalletGenerator for comment.

Source

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

Nvidia’s Kyber AI rack delayed to 2028: report

NVIDIA's next-generation Kyber server rack, designed for Rubin Ultra chips, is delayed to 2028...

TrojPix Air-Gap Attack Uses Monitor Cables

Researchers at Shandong University have demonstrated a new covert data exfiltration technique called TrojPix.The...

Bitcoin Reclaims $63k as Crypto Market Sees July Reversal

Bitcoin (BTC) reclaimed $63,000 in early July 2026, signaling a market reversal after a...

2026 ASEAN SHOP Opens in Kuala Lumpur to Drive Southeast Asia’s Smart Retail Growth

KUALA LUMPUR, Malaysia. ASEAN SHOP will host its 2026 edition at the MITEC Pavilion...

Bitcoin Data Strong Amid Selling and Yield Fears

Despite a zero ByteTrend score, the Bitcoin network's weekly on-chain transaction value is $13.5...

Must Read

7 Best Crypto To Invest In This Year

Investing in cryptocurrencies has become a popular way for people to diversify their investment portfolio and make potential profits.However, with so many cryptocurrencies available...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading