Coinbase wallet app in SSL/TLS SNAFU

Bitcoin digital wallet

The popular Bitcoin wallet Coinbase has a weakness in its Android app that could allow an attacker to steal authentication codes and access users’ accounts, according to a security researcher.

Although the flaw in the way Coinbase’s apps handle SSL (HTTPS) certificates was disclosed to the company by researcher Bryan Stern through the company’s bug bounty program, the issue has not been resolved.

After several months of back and forth with Coinbase, Stern went public with his findings and wrote them up on his GitHub blog on 27 June 2014.

Coinbase paid Stern $100 through the company’s bug bounty program and marked the bug status as “Won’t fix (closed)”.

As Stern put it:

With a compromised SSL connection, an attacker could gain full control of a user's account by stealing their access token. An attacker could also intercept a request to send bitcoins and change both the amount and destination address.

Stern’s concerns may be a little over-the-top, because it seems that Coinbase’s Android app does check that the TLS certificate presented when it connects to a Coinbase server is valid, matches the hostname, and is signed by a recognised Certificate Authority (CA). That standard check does not, however, protect against a certificate for a Coinbase hostname that has been mis-issued by, or stolen from, any CA the device happens to trust.

However, HTTPS clients for financial apps can take an additional step, on top of standard CA validation, to cross-check, or “pin”, the TLS certificates presented by their own servers.

Performing additional checks on your own TLS certificates (such as verifying the certificates against an allowlist, or requiring that they be signed by a specific CA) makes it harder for crooks to use fraudulently acquired certificates – even if they persuade a compliant CA to sign a certificate in your name, it is unlikely to pass your secondary checks.
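The allowlist check described above, written out as an added example (it is not code from the article or from Coinbase’s app). It uses only the Python standard library: the pin is base64 of the SHA-256 over the certificate’s DER SubjectPublicKeyInfo, the format used by HPKP and OkHttp, and it is compared against a set of pins shipped with the client after ordinary CA validation has already passed. Because a live handshake is not possible here, the block assembles a structurally valid but unsigned X.509 certificate of its own (constructed data, not a Coinbase certificate) to exercise the parser; `pinned_connect` is an assumed wrapper name showing where the check sits in a real connection.

```python
import base64
import hashlib
import socket
import ssl

# --- minimal DER helpers -----------------------------------------------------

def der(tag, *parts):
    """Encode one DER TLV with the given tag and concatenated content."""
    body = b"".join(parts)
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:                                   # long-form length
        nb = (n.bit_length() + 7) // 8
        length = bytes([0x80 | nb]) + n.to_bytes(nb, "big")
    return bytes([tag]) + length + body

def der_read(buf, pos=0):
    """Decode the TLV at buf[pos]; returns (tag, content, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        nb = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nb], "big")
        pos += nb
    return tag, buf[pos:pos + length], pos + length

def der_children(content):
    """Split a SEQUENCE body into its element TLVs, keeping each TLV whole."""
    out, pos = [], 0
    while pos < len(content):
        tag, _, nxt = der_read(content, pos)
        out.append((tag, content[pos:nxt]))
        pos = nxt
    return out

# --- pinning -----------------------------------------------------------------

def extract_spki(cert_der):
    """Return the DER SubjectPublicKeyInfo of an X.509 certificate.
    Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signature }
    TBSCertificate ::= SEQUENCE { [0] version OPTIONAL, serialNumber, signature,
                                  issuer, validity, subject, subjectPublicKeyInfo, ... }
    """
    _, cert_body, _ = der_read(cert_der)
    _, tbs_body, _ = der_read(der_children(cert_body)[0][1])
    fields = der_children(tbs_body)
    skip = 1 if fields[0][0] == 0xA0 else 0  # explicit [0] version tag present?
    return fields[skip + 5][1]

def spki_pin(cert_der):
    """base64(SHA-256(SPKI)): the pin format used by HPKP and OkHttp."""
    return base64.b64encode(hashlib.sha256(extract_spki(cert_der)).digest()).decode()

def check_pins(cert_der, pins):
    """True only if the certificate's public key is in the shipped allowlist."""
    return spki_pin(cert_der) in set(pins)

def pinned_connect(host, pins, port=443):
    """Ordinary CA + hostname validation first, then the secondary pin check.
    (Assumed wrapper name; performs a live TLS handshake, so it is not run here.)"""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            leaf = tls.getpeercert(binary_form=True)
            if not check_pins(leaf, pins):
                raise ssl.SSLError(f"SPKI pin mismatch for {host}: {spki_pin(leaf)}")
            return tls.version()

# --- constructed test certificate (not a real Coinbase certificate) -----------

RSA_OID = der(0x06, bytes.fromhex("2a864886f70d010101"))
SHA256_RSA_OID = der(0x06, bytes.fromhex("2a864886f70d01010b"))
SIG_ALG = der(0x30, SHA256_RSA_OID, der(0x05))
NAME = der(0x30, der(0x31, der(0x30, der(0x06, b"\x55\x04\x03"), der(0x0C, b"example.test"))))

def make_spki(key_bytes):
    # BIT STRING content is one "unused bits" byte followed by the key encoding.
    return der(0x30, der(0x30, RSA_OID, der(0x05)), der(0x03, b"\x00" + key_bytes))

def build_test_cert(spki_der):
    """Assemble a structurally valid (unsigned, constructed) X.509 v3 certificate."""
    tbs = der(0x30,
              der(0xA0, der(0x02, b"\x02")),          # version v3
              der(0x02, b"\x01"),                     # serialNumber
              SIG_ALG, NAME,
              der(0x30, der(0x17, b"140627000000Z"), der(0x17, b"150627000000Z")),
              NAME, spki_der)
    return der(0x30, tbs, SIG_ALG, der(0x03, b"\x00" + bytes(32)))  # dummy signature

# Key blobs of 256 bytes deliberately push lengths into long form (constructed data).
GOOD_SPKI = make_spki(bytes(range(256)))
ROGUE_SPKI = make_spki(bytes(reversed(range(256))))

if __name__ == "__main__":
    good = build_test_cert(GOOD_SPKI)
    pins = {spki_pin(good)}               # ship this, plus a backup pin, in the app
    print("good cert passes:", check_pins(good, pins))
    print("rogue cert passes:", check_pins(build_test_cert(ROGUE_SPKI), pins))
```

Pinning the public key rather than the whole certificate means a renewal that keeps the same key pair does not break the app, and adding the SPKI of a specific intermediate CA to the allowlist implements the “signed by a specific CA” variant. The operational caveat is the flip side of the benefit: a key rotation or CA change that is not reflected in the shipped pin set locks every installed client out, so a backup pin for an offline key should always be included.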

If you are a non-resident who has entered the USA in the past few years, you will know that immigration officials not only check that you have an apparently valid passport issued by your country, but also that your fingerprints don’t flag you up against a database held by their country. Whether you approve of this fingerprinting process or not, it does provide an extra layer of protection against fraudulently issued passports, rather than merely checking for passports that are being used fraudulently.

Crooks have previously targeted Coinbase users with phishing, although the example we saw wasn’t too convincing – the thieves didn’t have an HTTPS certificate, fraudulent or otherwise, so their phony site didn’t have an HTTPS address.

Should you use digital wallets and mobile banking apps?

In January 2014, we wrote about a research project carried out by Ariel Sanchez of security assessment company IOActive.

Sanchez looked at 40 different iOS banking apps used by 60 different banks in about 20 different countries, and found that 40% of them made HTTPS connections without validating the certificates at all, making those apps dangerously vulnerable to Man in the Middle (MitM) attacks.

In 2013, the cryptographic verification code at the core of Google’s Android operating system was found to have three different bugs that allowed modified apps to masquerade as legitimate, signed apps from a trusted vendor.

And in June 2014, we wondered aloud why Apple’s latest security updates patched nearly 30 remote code execution holes in Safari for iOS, but only 10 holes in Safari for OS X.

It does look as though security in mobile apps is lagging behind what we have come to expect on our desktop and laptop operating systems.

Our advice:

  • Avoid using mobile apps for financial transactions.
  • To conduct online banking, use a decently-protected desktop or laptop and a mainstream browser. Make sure your bank uses HTTPS to encrypt your connection.
  • Consider adopting two-factor authentication (2FA) on any online services that offer it in your country.
  • If you need to use mobile banking apps, consider using the VPN from Sophos UTM Home Edition. It will encrypt your traffic when you are using public Wi-Fi and other untrusted networks, and route it back through your own network, making it harder for crooks to perform a man-in-the-middle attack. And it’s completely free.

Image of mobile and bitcoins and Coinbase logo coins courtesy of Shutterstock.

Note. Article updated at 2014-07-05T20:30Z in response to comments about the severity of this flaw. (See comments below.)