A Source Code Typo Allowed an Attacker to Steal 370,000 Zerocoin

Catalin Cimpanu
February 18, 2017

The Zcoin project announced yesterday that a typo in the Zerocoin source code allowed an attacker to steal 370,000 Zerocoin, which is about $592,000 at today's price.

Zerocoin, also known as Zcoin or XZC, is a cryptocurrency protocol built on top of Bitcoin that implements Zero-Knowledge proofs to guarantee complete financial privacy and anonymity.

Zerocoin is the precursor of Zcash and Monero, two similar cryptocurrencies that provide extra anonymity for their users, much more than the standard Bitcoin currency can provide.

One extra character left in the wrong place

According to the Zcoin team, one extra character left inside Zerocoin's source code caused a bug that an unknown attacker discovered and used to his advantage in the last few weeks.

"The bug from the typo error allowed the attacker to reuse his existing valid proofs to generate additional Zerocoin spend transactions," the Zcoin team said yesterday.

This allowed the crook to initiate one transaction but receive the money multiple times over.

Attacker hid his tracks well

According to the Zcoin team, the attacker (or attackers) was very sophisticated and took great care to hide his tracks.

They say the attacker created numerous accounts at Zerocoin exchanges and spread transactions across several weeks so that traders wouldn't notice the uneven transaction volume.

Nonetheless, as transactions piled up, the Zcoin team saw that the two sides of their blockchain weren't adding up.

"We knew we were being attacked when we saw that the total mint transactions did not match up with the total spend transactions," the Zcoin team said. "If our total supply was not verifiable due to hidden amount transactions, we would not have been able to discover this bug."

The bug appears to have been discovered on February 16, and the Zcoin team announced the Zerocoin theft the following day, while also announcing a fix for the Zerocoin protocol that was pushed out at the same time.
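The mint/spend reconciliation the Zcoin team describes can be sketched as a ledger audit. This is an added example, not Zcoin's code; the record layout, denominations and sample values are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample ledger: (block_height, kind, denomination, count).
# Heights, denominations and counts are invented for illustration.
SAMPLE_LEDGER = [
    (100, "mint", 25, 4),
    (101, "spend", 25, 2),
    (102, "mint", 100, 1),
    (103, "spend", 25, 2),
    (104, "spend", 100, 1),
    (105, "spend", 25, 3),   # more 25-coin spends than were ever minted
    (106, "mint", 25, 1),
    (107, "spend", 100, 2),  # same for the 100 denomination
]


def audit_supply(ledger):
    """Replay the ledger in height order and report each point where
    cumulative spends of a denomination exceed cumulative mints."""
    minted = defaultdict(int)
    spent = defaultdict(int)
    worst = defaultdict(int)  # largest deficit already reported per denomination
    findings = []
    # Tuple sort orders by height; within one height "mint" sorts before
    # "spend", so a coin minted and spent in the same block is not flagged.
    for height, kind, denom, count in sorted(ledger):
        if kind == "mint":
            minted[denom] += count
        elif kind == "spend":
            spent[denom] += count
        else:
            raise ValueError(f"unknown record kind: {kind!r}")
        deficit = spent[denom] - minted[denom]
        if deficit > worst[denom]:  # report only when the gap widens
            worst[denom] = deficit
            findings.append({
                "height": height,
                "denomination": denom,
                "excess_spends": deficit,
                "excess_value": deficit * denom,
            })
    return findings


if __name__ == "__main__":
    for finding in audit_supply(SAMPLE_LEDGER):
        print(finding)
```

The audit works only because mint and spend counts per denomination are public, which is the property the team credits for catching the theft.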

Attacker cashed out most of the stolen funds

The Zcoin team says they worked with various exchanges to attempt to identify the attacker, but to no avail.

Out of the 370,000 Zerocoin he stole, the attacker has already sold 350,000. The Zcoin team estimates the attacker made a net profit of 410 Bitcoin ($437,000).

"Despite the severity of the hack, we will not be forfeiting or blacklisting any coins," the Zcoin team added. "In other words, the damage has already been mostly absorbed by the markets. [...] Trading will resume once pools and exchanges have had time to update their code."

https://www.bleepingcomputer.com/new...coin-592-000-/