Kraken: $75 Device Will Get You Into Crypto Hardware Wallet KeepKey

Published by CoinDesk

Kraken Security Lab said crypto hardware wallet KeepKey is not doing enough to protect customers from physical attacks, saying it was able to get into the system using a $75 device.

Kraken Security Lab said KeepKey is already aware of similar physical attacks, but seems to be focusing more on protecting users' keys from remote attacks, citing a statement from KeepKey's parent Shapeshift on June 13.

The attack uses a voltage glitching device costing roughly $75 to extract the seeds that users rely on to restore and back up their wallets.

However, Michael Perklin, chief information security officer of Shapeshift, said Kraken Security's statement is misleading, according to a statement received by CoinDesk.

Shapeshift, a crypto exchange, acquired hardware wallet startup KeepKey for an undisclosed amount in August 2017 to develop its technology and security for its crypto holders.

"Not only does this attack require physical possession of the device, it would require significant preparation and expertise, as well as specialized equipment," Perklin said.

"The average person would not have the education about hardware design or computer science to go pick out parts for $75 and successfully assemble a tool to use for this type of attack."

Kraken Security Lab said in its blog post that while physical attacks are difficult to defend against, it found KeepKey's focus on remote attacks "potentially out of line with the branding of [its] product."

Perklin responded that KeepKey took measures to protect its users from potential physical attacks before Kraken notified it.

One of the reasons such physical attacks are difficult to prevent is that KeepKey has to redesign its hardware.

In particular, Kraken Security Lab claims, the wallet needs to change the microcontroller because of "inherent flaws" that could be used by hackers.

Kraken Security Lab said it disclosed the full details of this threat of attack to KeepKey on Sept. 11 and is going public now so the crypto community can protect itself.
