BitAddress.Org Invalid Certificate Issue Seems To be Resolved

Users of the BitAddress.org website may have noticed there seems to be something wrong with the website. A lot of people are reporting the platform is using an invalid SSL certificate. This is not good news for this online Bitcoin wallet service, and for now, it remains unclear as to what is going on exactly.

BitAddress.org Is Dealing With Some Issues

The way BitAddress works is by letting users generate Bitcoin wallet addresses, including its private and public key. This service is used by a lot of people in its online format, even though users can download the source code on GitHub and run it locally. When using such an online service one never knows if someone is attempting a man-in-the-middle attack.

Things get even more complicated when the website is rendering an “invalid certificate” error. While this is no clear evidence of any malicious activity per se, it poses a security risk. Some people may argue one should always download the Github repository and run the solution locally. But for novice users, this is far from a convenient solution, as everything is automated when visiting the website.

The invalid certificate error can be caused by many different things. Users who rely on a VPN, anonymity software, or a DNS changer may receive this error due to those particular privacy preferences. Additionally, BitAddress uses Cloudflare for DDoS protection, which sometimes seems to block random DNS gateways or IPs for an unknown reason.




For now, most of the issues seem to be resolved, although no one is wiser as to what caused the problem in the first place. Online Bitcoin wallet services – regardless of their exact business model – are always targeted by internet criminals. Bitcoin users should never rely on such services unless they have no other choice.

For now, BitAddress seems safe to use but always do so at your own risk. The service generates public and private keys in a browser window. This creates several possible attack vectors, ranging from a man-in-the-middle attack against BitAddress to browser hijacking on the user end.

Image credit 1

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.