Kraken Security Labs Discovers ShapeShift’s KeepKey Crypto Wallet Can Be Hacked Easily For $75

KeepKey hardware wallets are affected by a flaw that would make them vulnerable to attacks if a hacker has access to the device for around 15 minutes. This is according to a recent report released by Kraken Security Labs and published in a blog post on December 10.

KeepKey Crypto Hardware Wallet Affected By Flaw

As per the report released by Kraken, an attacker would rely on voltage glitching to extract the encrypted key of the user from KeepKey wallets. After this, the encrypted seed can be cracked and the PIN can be easily hacked with brute force. The researchers claim that it is possible to perform this attack with a consumer-friendly glitching device for just $75.

In addition to it, the report explains that it would not be possible to stop these attacks from happening with a software update from the company. In order to solve this issue, a needed  complete hardware redesign, which is certainly expensive to perform and very costly for users.

The company claims that they are already aware of these attacks but their goal is to protect users against remote attacks that could happen to online, desktop or mobile wallets, among others.

It is very important for users to be sure that if they lose their cryptocurrency wallet, the funds could be potentially accessed by attackers and the funds could be at risk of being stolen. The cryptocurrency market has many times been affected by hacks that were pointed at exchanges and other large holders of digital assets.

The report has also advised users to enable the BIP39 Passphrase with the KeepKey client in order to protect the crypto funds in the wallet. The passphrase is generally not user-friendly in practice but it is also not stored on the device, meaning it would not be vulnerable to this attack.

Read Original/a>
Author: Carl T

PIVX And 200 Other Proof of Stake Blockchains May Be Vulnerable, Lunar Digital Assets Affirms

It seems that PIVX, a popular private transactions crypto, may be vulnerable to attacks together with 200 other chains. According to a recent report made by Lunar Digital Assets, there is a vulnerability of the system that can be currently exploited. Every chain using PIVX or its variants is possible to be attacked this way.

Basically, the attacker could exploit this specific vulnerability in order to get impossibly high staking rewards using the proof of stake system of the network.

This is not the first that this vulnerability is exploited. As soon as the PIVX devs found out about it, they rushed to fix the issue. However, another developer, BitGreen, has noticed that the problem was being exploited once more. Someone has probably figured how to undo the progress made by the team and started to use the exploit.

As soon as the developers discovered it, they notified all related companies of the bug and now PIVX is working once more to solve it and stop the attacks.

People Are Accusing the PIVX Team

The situation got heated recently after some people started to claim that the PIVX team might be behind the attacks. According to critics, the team knew of the bug and did nothing about it or failed to fix it properly.

Some others criticized the team for not having a timely response for the problem and simply standing still while the problem was still out there. This led some critics to theorize whether people from the company were exploiting the bug for money and used this inside source in a malicious way.

At the moment, the PIVX team has not explained publicly why the problem was not fixed months ago.

Read Original/a>
Author: Bitcoin Exchange Guide News Team