• Press Releases
    • Submit a press release
    • Read All
  • Advertise
  • Contact us
Bitcoinist.com
No Result
View All Result
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • Gambling
      • Bitcoin Casinos
      • Real Money Slots
      • Online Casino Real Money
      • Casino utan svensk licens
      • Non Gamstop Casinos
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
    • Bitcoin Casinos – Where, What and How to Play
  • Events
  • Casinos
  • Play Games
  • Play Casino Games
  • Best crypto casino
Breaking News: KyberSwap Hacker Demands Full Control, Sets December 10th Deadline
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • Gambling
      • Bitcoin Casinos
      • Real Money Slots
      • Online Casino Real Money
      • Casino utan svensk licens
      • Non Gamstop Casinos
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
    • Bitcoin Casinos – Where, What and How to Play
  • Events
  • Casinos
  • Play Games
  • Play Casino Games
  • Best crypto casino
Bitcoinist.com
No Result
View All Result
Breaking News: KyberSwap Hacker Demands Full Control, Sets December 10th Deadline
Keepkey crypto flaw

Kraken: Keepkey Crypto Hardware Wallet Has an Alarming Flaw

davitbabayan by davitbabayan
4 years ago
in Bitcoin Security, Bitcoin Businesses, Bitcoin Wallet, Companies, News, News teaser
0

Crypto practitioners who depend on Keepkey hardware wallets to store their coins ought to take a pledge of not discussing it in public.


Kraken Warns Crypto Users

The warning appears on Kraken’s latest blog post wherein it discusses a serious flaw in all of the Keepkey hardware wallets. The US exchange’s security research wing claims that it has found a way to hack seeds from Keepkey wallets. In retrospective, a seed phrase is a string of random words that allows owners to recover their cryptocurrency wallets. That said, anybody with access to seeds could gain access to cryptocurrency funds stored on a wallet.

Kraken found that Keepkey devices have an issue related to their microcontrollers. The exchange noted that people with physical access to victims’ crypto wallets could use specialized hardware to read their encrypted seeds. For that, the attacker would also need to crack the wallets’ pin code through brute force.

The issue now resides in each one of the Keepkey wallets in circulation. The company cannot solve it until it decides to replace them all with patched devices.

“This,” wrote Kraken, “unfortunately means that it is difficult for the KeepKey team to do anything about this vulnerability without a hardware redesign.”

Not a New Problem

Keepkey rubbished Kraken’s findings based on its lack of relevance. The firm shared two articles discussing the same issue. One of them was penned by ShapeShift, which supports Keepkey as its premier wallet on its crypto-to-crypto exchange. The trading platform had written in June that Keepkey can protect clients’ funds from the most common attack vectors, such as viruses, malware, or remote hackers trying to steal private keys. Nevertheless, the firm is as helpless as any other wallet company when it comes to protecting clients’ devices from physical attacks.

“If somebody else has physical access to your device — as well as the time, skill, and tools necessary — they will always be able to command the device to do whatever they want, bypassing any digital lock that exists,” wrote ShapeShift. “Again, this is true of any hardware wallet.”

We have two blog posts on this topic: https://t.co/z0My6qIc9c and https://t.co/M2AU7QK2IH

— KeepKey (@cryptokeepkey) December 10, 2019

Keepkey rival, Ledger, had responded similarly to a malware issue affecting its Nano S wallets back in 2018. After DocDroid reported that attackers could game the Ledger software by replacing the copied receiver addresses with its own, the firm had responded by saying that the issue was universal. Excerpts:

Malware can always change what you see on your computer screen. The only solution is prevention and building a UX to make the user check on its device. The on-device verification feature has been added [six] month ago already.

Solution: Use Complex Passphrases

Charles Guillemet, the chief security officer at Ledger, demonstrated that hackers could guess Keepkey’s wallets’ passphrase in less than a minute by applying different combinations. Kraken reiterated the same evidence in its blog post, leading ShapeShift to write an eleven-step manual to fix the said problem.

Guillemet recommends using passphrases comprised of at least 32 digits made up of a unique combination of numbers, symbols, as well as upper and lower-case letters…With a sufficiently-long passphrase, if an attacker takes the data off your device, they’ll never be able to unlock it. Your PIN and your passphrase keep your funds — safe.

Overall, the issue reminded what doomsday economist Nouriel Roubini had complained about cryptocurrencies. He had noted that anybody with a gun can steal private keys of wallets holding multi-million dollars worth of bitcoin. More so, there was no way for the victim to get the stolen funds back since crypto transactions are irreversible.

By Q3 2019, the cryptocurrency industry lost about $4.4 billion to frauds and thefts, noted CipherTrace in its report. As of June, the amount was $1.1 billion.

What do you think of Kraken’s findings? Add your thoughts below!


Images via Shutterstock, Twitter @cryptokeepkey

ShareTweetShareShare

Sign Up for Our Newsletter!

For updates and exclusive offers enter your email.

I consent to my submitted data being collected and stored.

davitbabayan

davitbabayan

Related Posts

Genesis

Genesis And DCG Bury The Hatchet In $620 Million Legal Showdown

6 days ago
Charlie Munger

Bitcoin’s Fierce Opponent Charlie Munger Breathes His Last At 99

7 days ago
The Demise Of Inferno Drainer: Accomplice In $70 Million Fraud Uncovered

The Demise Of Inferno Drainer: Accomplice In $70 Million Fraud Uncovered

1 week ago
Ripple

Ripple Sets Sights On Dominating $300 Trillion Payment Sector

1 week ago
Sam Altman

Bizarre Twist: Sam Altman Makes A Surprise Return To OpenAI As CEO

2 weeks ago
Binance

Binance CEO Pleads Guilty To Criminal Charges, Faces 10 Years In Jail – Details

2 weeks ago
Please login to join discussion

Premium Partners

Premium Casino Partners

Top Casinos

Trust Dice
Trust Dice
Punt Casino
Punt Casino
mBit
mBit
Inmerion
Inmerion

Press Releases

  • Top 3 Altcoins to Explode in December: BNB, ADA, and QUBE

    5 hours ago
  • Avalanche and NEAR Protocol Displaying Promise, While a New...

    6 hours ago
  • Crypto Race 2023: Rebel Satoshi, Arbitrum, and EOS Lead the...

    6 hours ago
  • 3 Reasons Memeinator Tops List of Altcoins to Watch in 2023

    11 hours ago
  • Meme Coin that Makes an Impact – How Chimpzee Strengthens...

    11 hours ago

Bitcoin news portal providing breaking news, guides, price analysis about decentralized digital money & blockchain technology.

Bitcoin

  • News
  • Price
  • Businesses
  • Acceptance
  • Technology
  • Investment
  • Regulation
  • Reviews

Altcoins

  • News
  • Price
  • Ethereum
  • Ripple
  • Litecoin
  • EOS
  • NAGA

Categories

  • Blockchain
  • Security
  • FinTech
  • Technology
  • Trending
  • Breaking News
  • Press Releases
  • How to

Pages

  • Contact us
  • Editorial Policy
  • Advertise
© 2023 Bitcoinist.com. All Rights Reserved.
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • Gambling
      • Bitcoin Casinos
      • Real Money Slots
      • Online Casino Real Money
      • Casino utan svensk licens
      • Non Gamstop Casinos
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
    • Bitcoin Casinos – Where, What and How to Play
  • Events
  • Casinos
  • Play Games
  • Play Casino Games
  • Best crypto casino

© 2023 Bitcoinist. All Rights Reserved.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Center or Cookie Policy.