Popular Hardware Crypto Wallet OneKey Hacked by Security Firm, Proving Critical Vulnerability

A cybersecurity firm has hacked a popular cryptocurrency wallet, demonstrating to its developers that it contains critical flaws.

Unciphered, a cybersecurity firm, reveals to its YouTube audience in a new video update how they were able to breach the defenses of crypto wallet OneKey and notify its developers of the exploit.

“This is how the hack operates. The CPU and the secure element are both present. Your crypto keys are stored in the secure element. Normally, communications between the CPU, where the processing occurs, and the secure element are encrypted.

It turns out that it wasn’t designed to do so in this space. We discovered this. So you put a tool in the middle that monitors and intercepts communications before injecting [its] own commands.

We did that so that the secure element knows it’s in factory mode and we can take your mnemonics, which is your money in crypto, out. So we enrolled OneKey in their bug bounty program and got them to patch it.”

According to the cybersecurity experts, OneKey was relieved that the exploit was discovered because bad actors could have used it to steal customer funds.

“Things like this are a critical vulnerability. It’s terrible. OneKey was relieved that we brought this to their attention, and that we did so before a malicious actor discovered it and stole people’s crypto.”

Bookmark (0)
ClosePlease loginn

Related Posts

A sincere thank you to our valuable sponsors: CoinDesk, Nexo and 1inch

A sincere thank you to our valuable sponsors: CoinDesk, Nexo and 1inch

Discover the cutting-edge services of CoinDesk and Nexo, the leading names in crypto and blockchain, and unlock the full potential of your digital assets.

Bookmark (0)
ClosePlease loginn
U.S. government sold over 9k BTC for $215.7M on March 14

U.S. government sold over 9k BTC for $215.7M on March 14

The US government said it plans to liquidate over 40,000 Bitcoin in four batches during this calendar year.

Bookmark (0)
ClosePlease loginn
Justin Sun’s Grenada ambassadorship to WTO ends

Justin Sun’s Grenada ambassadorship to WTO ends

Grenada’s local media reported that Justin Sun had been recalled after the political party that appointed him lost elections in June 2022.

Bookmark (0)
ClosePlease loginn
More than 50% of Bitcoin mining uses renewable energy

More than 50% of Bitcoin mining uses renewable energy

Almost a quarter of all Bitcoin miners use water to power their setups, while wind and nuclear are the second and third biggest contributors.

Bookmark (0)
ClosePlease loginn
Bittrex to halt US operations by end of April

Bittrex to halt US operations by end of April

The cryptocurrency exchange will only serve global customers going forward.

Bookmark (0)
ClosePlease loginn
Binance.US transitioning to new bank providers; briefly affecting deposits, withdrawals

Binance.US transitioning to new bank providers; briefly affecting deposits, withdrawals

Many transfer methods, including Signature ACH transfers, are affected.

Bookmark (0)
ClosePlease loginn

Leave a Reply

Your email address will not be published. Required fields are marked *