Cryptography is all about security. The notion of having a public and private crypto wallet key and multiple hashes adds to those layers of security but at the bottom of it all is a computer processing all of the data. Researchers have now revealed flaws in certain Intel server chips that may allow secure keystrokes to be recorded.
Intel Server Chip Flaw
According to security researchers, attackers may be able to exploit a flaw in certain Intel server processors in order to access sensitive data flowing through them. In 2011 the microprocessor company introduced a performance enhancement to its server line of CPUs to allow peripherals to connect directly via the cache rather than going through memory.
Intel’s Data-Direct I/O (DDIO) increased bandwidth while reducing latency and power consumption. However, according to reports, it has now been revealed that DDIO can be exploited in order to obtain keystrokes and possibly other types of sensitive data that flows through the memory of vulnerable servers.
The primary concern to crypto users is the sensitive encrypted data that is needed to carry out transactions. The research team devised an attack to demonstrate how a compromised server can steal keystroked, even from the protected secure shell session (SSH). It was suggested that a server leased by a malicious actor could abuse the vulnerability to attack other users.
The researchers from the Vrije Universiteit Amsterdam and ETH Zurich named the attack NetCAT, short for Network Cache ATtack. Their findings have prompted an advisory for Intel to disable DDIO or remote direct memory access on untrusted networks.
In a paper published this week, they warned of further attacks and urged processor vendors to take extra precautions.
“While NetCAT is powerful even with only minimal assumptions, we believe that we have merely scratched the surface of possibilities for network-based cache attacks, and we expect similar attacks based on NetCAT in the future,”
At the moment there have been no recorded incidents of crypto theft as a result of this vulnerability. Crypto wallets remain safe and there is no need to panic. The research serves as an example of what can happen in the world of technology and that vulnerabilities are constantly being discovered.
Blockchain networks run on servers on the internet so crypto attackers will always look for the weakest point in the system. This is often the human which is why social engineering is the number one method of exploitation. Hardware vulnerabilities are rare in comparison so all standard security practices still apply.
Do you think crypto wallet keys could be stolen from computers with Intel integrated chips? Let us know below.