[hrehhf]

It appears that they are finding the private keys for transactions that already occurred. Reusing an address is not part of Bitcoin's design and it was never intended for people to do that. By not reusing addresses (not reusing private keys) I think one would be immune to this attack. The article doesn't seem to have much detail; anyone have more detail on this?

Edit: The details are in the URL posted by alphydan; it looks like address reuse does not matter with their method.

[csomar]

Even more important, by reusing addresses you are making more signatures using the same private key. This has proven to be a vulnerability where one can deduce the private key from these signatures (though limited to a bad implementation) but it's worth considering.