Published on July 25th, 2015 | by bitcoin0
New bit flipping attack against Multibit
A vulnerability was identified and fixed in MultiBit HD 0.1.2 that allowed an attacker to insert unspendable Bitcoin addresses into the list MultiBit uses to send fees to the developers.
As an ordinary user of MultiBit HD this does not affect the security of your bitcoins. That said, it is always best to run on the latest version of MultiBit HD so you should upgrade to version 0.1.2 or higher. Multibit announce all releases on Twitter and the RSS/Atom feed as a backup to the auto-upgrade system.
If you are a developer with an interest in cryptography we would urge you to read the entirety of the article since it illustrates why AES wrapped in HTTPS does not offer sufficient security against certain attacks.
View more at the Multibit blog.