[Update: On 2018-07-10, the latest version of the LBank mobile apps fixed the reported issues accordingly. Thanks to the LBank team for the responsible and timely upgrade!]

On 6/29/2018, 1:00:00 a.m. UTC+8, PeckShield researchers again identified the tradeRifle vulnerability, this time in the mobile apps of LBank, one of the top 10 cryptocurrency exchanges. Specifically, an attacker could extract the token of a user's current login session. This token could then be used to issue arbitrary trades by replaying the create-order packets. Even worse, while withdrawing digital assets, the LBank mobile apps, both Android and iOS versions, are prone to man-in-the-middle (MITM) attacks, which could lead to serious financial damage. We notified LBank immediately once this issue was confirmed and the proof-of-concept exploit was verified.

On 7/10/2018, 11:32:00 p.m. UTC+8, LBank announced on its official website that its security response team had applied the patch for the tradeRifle bug report, which was received on 6/29/2018 [1]. LBank also stated in the announcement that none of its users' crypto assets were affected by this bug.

Now it is time to examine the details. We start by showing how a normal user logs in, issues a trade, and withdraws digital assets.

Figure 1: Normal User Login Session Followed by Trading and Withdrawal Transactions


Figure 1 shows the 2FA mechanism used in the LBank mobile apps for improved security. However, since the whole login handshake is done over plain HTTP, the token returned by the LBank server can be eavesdropped. Therefore, as long as the victim is still logged in, the attacker can use this token to issue new trades by simply replaying packets to the LBank server. Figure 2 illustrates how the token could be extracted from the cleartext traffic between the mobile app and the server.

Figure 2: Extracting the Token


Using this token, the attacker can issue low-price trades against her own account to steal the victim's digital assets. Furthermore, if the attacker compromised many LBank users, the price of a given cryptocurrency could be dramatically affected. Separately, the withdrawal process is vulnerable to MITM, as shown in Figure 3.

Figure 3: MITM Attack in the Withdrawal Process


The attacker can manipulate either the withdrawal address or the amount that the LBank server sends to the victim. Figure 4 is evidence that the cleartext withdrawal request can simply be modified in transit, enabling attackers to steal arbitrary amounts of digital assets from LBank users.

Figure 4: Cleartext Withdrawal Request
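
The two weaknesses described above, a replayable session token carried over cleartext HTTP (Figures 1 and 2) and a withdrawal request whose body can be altered in transit (Figures 3 and 4), share one root cause: nothing binds the request contents to the session or to a point in time. The following Python sketch is an added example written for this post; it is not LBank's code, not the fix LBank shipped, and every name, secret, address and nonce in it is constructed. It contrasts a token-only check, which accepts both a replayed and an altered withdrawal, with per-request HMAC signing over the canonical body, a timestamp and a fresh nonce, which rejects both.

```python
import hashlib
import hmac
import json
import secrets
import time

# Constructed sample values for this illustration; none of them come from LBank.
SESSION_SECRET = b"constructed-per-session-secret"
WITHDRAWAL = {"coin": "BTC", "amount": "0.5", "address": "bc1q-constructed-user-address"}

# ---------------------------------------------------------------------------
# Weak design: a static session token is the only authenticator.
# Over cleartext HTTP the token and body are visible in transit, so an
# observer can resend the request unchanged (replay) or edit its body.
# ---------------------------------------------------------------------------
VALID_TOKENS = {"constructed-session-token"}


def weak_server_accepts(req):
    """Accept any request carrying a known token; nothing ties the body to it."""
    return req["token"] in VALID_TOKENS


def weak_demo():
    """Show that a token-only check cannot tell a replay or an edited body apart."""
    req = {"token": "constructed-session-token", "body": dict(WITHDRAWAL)}
    replayed = dict(req)  # byte-for-byte copy sent again later
    tampered = {"token": req["token"],
                "body": dict(WITHDRAWAL, amount="5.0", address="bc1q-constructed-other-address")}
    return {"original": weak_server_accepts(req),
            "replay": weak_server_accepts(replayed),
            "tampered": weak_server_accepts(tampered)}


# ---------------------------------------------------------------------------
# Hardened design: every request is signed with a per-session secret that is
# established at login (over TLS) and never sent again. The signature covers
# the method, path, canonical body, a timestamp and a one-time nonce.
# ---------------------------------------------------------------------------
def canonical(method, path, body, ts, nonce):
    """Deterministic byte string covering everything the server must trust."""
    body_json = json.dumps(body, sort_keys=True, separators=(",", ":"))
    return "\n".join([method, path, body_json, str(ts), nonce]).encode()


def sign_request(secret, method, path, body, ts=None, nonce=None):
    """Client side: attach timestamp, nonce and HMAC-SHA256 over the canonical form."""
    ts = int(time.time()) if ts is None else ts
    nonce = secrets.token_hex(16) if nonce is None else nonce
    sig = hmac.new(secret, canonical(method, path, body, ts, nonce), hashlib.sha256).hexdigest()
    return {"method": method, "path": path, "body": body, "ts": ts, "nonce": nonce, "sig": sig}


class SigningServer:
    """Server side: reject stale, replayed or modified requests."""

    def __init__(self, secret, window=30):
        self.secret = secret
        self.window = window  # seconds of clock skew tolerated
        self.seen = set()     # accepted nonces; only needs entries newer than `window`

    def verify(self, req, now=None):
        now = int(time.time()) if now is None else now
        if abs(now - req["ts"]) > self.window:
            return (False, "stale timestamp")
        if req["nonce"] in self.seen:
            return (False, "replayed nonce")
        expected = hmac.new(self.secret,
                            canonical(req["method"], req["path"], req["body"], req["ts"], req["nonce"]),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, req["sig"]):
            return (False, "bad signature")
        self.seen.add(req["nonce"])  # record only after the signature checks out
        return (True, "ok")


def hardened_demo():
    """Replay, tampering and an old request against the signing server."""
    server = SigningServer(SESSION_SECRET)
    now = 1_700_000_000  # fixed clock so the outcome is deterministic
    req = sign_request(SESSION_SECRET, "POST", "/withdraw", WITHDRAWAL, ts=now, nonce="constructed-nonce-1")
    results = {"original": server.verify(req, now)}
    # 1. Same packet resent a few seconds later: nonce already consumed.
    results["replay"] = server.verify(req, now + 5)
    # 2. Body edited in transit (nonce changed too, to dodge the replay check):
    #    the attacker cannot recompute the HMAC without the session secret.
    tampered = dict(req, body=dict(WITHDRAWAL, amount="5.0"), nonce="constructed-nonce-2")
    results["tampered"] = server.verify(tampered, now)
    # 3. A genuinely signed but old request: outside the freshness window.
    old = sign_request(SESSION_SECRET, "POST", "/withdraw", WITHDRAWAL, ts=now - 600, nonce="constructed-nonce-3")
    results["stale"] = server.verify(old, now)
    return results


if __name__ == "__main__":
    print("token-only server:", weak_demo())
    print("signing server:   ", hardened_demo())
```

Running it, `weak_demo()` accepts all three requests, while `hardened_demo()` accepts only the original, rejecting the replay for a reused nonce, the altered amount for a bad signature, and the old request as stale. Request signing is a second layer, not a substitute for TLS: the per-session secret must be established over an encrypted channel, and the `seen` set only needs to retain nonces for `window` seconds (a production server would evict older entries and scope the set per session).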


Once again, we are happy to note that, upon receiving our vulnerability report, the LBank team promptly fixed the problem. We applaud their prompt response. Since LBank has now upgraded the mobile apps and the issue has been fixed, we have chosen to release the related technical details in this blog post. Cybersecurity is essential to any cryptocurrency exchange, and PeckShield is here to help!

About Us

PeckShield Inc. is a leading blockchain security company with the goal of elevating the security, privacy, and usability of the current blockchain ecosystem. For any business or media inquiries, please contact us via Telegram, Twitter, or Email.

Published: 12 July 2018