News

Security Company Unciphered Attacks Crypto Hardware Wallet OneKey

Key Points:

  • Unciphered, a cybersecurity company, revealed how to hack a well-known hardware cryptocurrency wallet made by OneKey.
  • In a YouTube video, Unciphered demonstrated what is known as a “man-in-the-middle” attack on the wallet in which it was successful in obtaining the private key, also known as the mnemonic seed phrase, from the OneKey Mini hardware wallet by taking advantage of a flaw.
  • OneKey quickly rectified the issue after being notified.
Cybersecurity startup Unciphered demonstrated a hack of a notable hardware crypto wallet manufactured by OneKey, a Hong Kong-based firm that raised $20 million last year.

Unciphered showed what’s called a “man-in-the-middle” hack of the wallet in a YouTube video where it was able to extract the mnemonic seed phrase, also known as the private key, from the OneKey Mini hardware wallet by exploiting a vulnerability.

The company said it used a field programmable gate array to intercept communications between the processor and the secure element, which contains the hardware wallet’s seed phrase, in order to take advantage of the absence of encryption between them.

“The FPGA is a high speed processor also known as a field programmable gate array, allowing us to iterate through different algorithms, bypass the wallet’s security and extract the mnemonics,” Unciphered said.

OneKey promptly patched the vulnerability after being contacted. The company stressed that a hypothetical assault, as shown by Unciphered, cannot be exploited remotely and would require both the crypto wallet of a user and specialized FPGA equipment, saying that no one was affected.

Recent attacks involving private keys are still ongoing. OracleSwap, a DEX protocol on the Songbird Network that allows users to earn interest for delegating their Flare and Songbird tokens, has been suspended due to compromised private keys.

On January 29, the FTSO provider revealed that the process of making its code open source had resulted in the compromise of its private keys. Delegates on OracleSwap have been asked by Flaremetrics to withdraw access and switch to different FTSO operators.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join us to keep track of news: https://linktr.ee/coincu

Harold

Coincu News

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.

Recent Posts

Will Bitcoin Crash or Soar Past $105K in 2024?

Will Bitcoin Crash?" seems to be one of the most controversial questions, as the price…

52 minutes ago

The Best Crypto for Passive Income? 10% Weekly Gains and 20% Final Surge—Qubetics Mirrors Cosmos’ Early Success!

There’s always that one coin people wish they hadn’t overlooked. For many, Cosmos ($ATOM) is…

1 hour ago

Cosmos Developer Interchain Foundation Sold 3000 ETH Today

Cosmos Developer Interchain Foundation sold 3000 ETH from its ICO today, totaling 21,600 ETH sold…

2 hours ago

Zircuit Launches ZRC Token: Pioneering the Next Era of Decentralized Finance

George Town, Grand Cayman, 22nd November 2024, Chainwire

2 hours ago

Inflation Warning By Vanguard Amid Tariffs And Labor Issues

Inflation Warning by Vanguard highlights risks during Trump’s term, citing tariffs and tighter labor markets…

3 hours ago

Clanker Token Trading Volume Hits $59.8 Million High On November 21

Clanker token trading volume hit $59.8M on Nov 21, accounting for 14.75% of PumpFun. Fee…

3 hours ago

This website uses cookies.