Shapeshift with Hardware wallet Keepkey vulnerability report

Must Read

Bitcoin Bull Rally Incoming? Market Price Keeping Below the Production Cost Ahead of Halving

Bitcoin is staying above its crucial level $9,000 for sometime now while experiencing some...

Trader shares the “Very Reason All Investors Should Hold some Bitcoin”

In 2020, the price of the leading asset had one of its worst one-day drops...

Bitcoin Sees an Influx of Retail Interest with Investors Doubling Down on HODLing

After tumbling down to below $6,500 yet again, Bitcoin went back above $7,000 in...
- Advertisement -BTCClicks.com Banner
Earn Free Bitcoin

Cryptocurrency swaps and hardware wallet producer ShapeShift addressed recent KeepKey hardware wallet vulnerability allegations.

ShapeShift responded to an alleged vulnerability submitted through its responsible disclosure program in a Medium post published on Aug. 4. Per the announcement, the firm received a vulnerability report through the program on May 1, which described what the researchers believed to be a hardware vulnerability.

The purported vulnerability would allow an attacker to read what was on the wallet’s screen by monitoring power fluctuations to the display in what is known as a side-channel attack. If attackers were monitoring the power levels while sensitive information was displayed on-screen, this would ostensibly give them the opportunity to steal funds from the device.

The “vulnerability” is impractical

ShapeShift notes that, to obtain access to sensitive information displayed on-screen, an attacker would need to have physical access to the device and accurately monitor the KeepKey’s energy consumption with an oscillometer (or a similar instrument) as the information is displayed.

ShapeShift explains that, since this alleged vulnerability would require physical access, there would be a simpler way to acquire the information:

“By comparison, it would be far easier to steal someone’s Recovery Phrase by simply looking over their shoulder while they set up their KeepKey or installing a hidden camera in the room in which it was being initialized.”

ShapeShift states that a side-channel attack would require physical access, specialized equipment, hardware skills and statistical analysis of the data to derive the contents displayed based from only the display’s energy consumption. Furthermore, it claims that, even if all of those requirements were met, it would still be highly difficult to interpret the data:

“Due to the larger display in KeepKey, multiple Recovery Phrase words are displayed at once. This makes it much more difficult to identify individual words (and the order of words) based off the power used by the screen.”

- Advertisement -
- Advertisement -

Latest News

Wyoming Amends Insurance Code to Allow Insurance Companies to Invest in Bitcoin & other Cryptos

In the first provision of its kind, Wyoming is allowing the domestic insurers to invest...
- Advertisement -Earn Free Bitcoin

Its’ Finally Here A 100% Local Non-Custodial P2P Cryptocurrency Marketplace.

Finfreeotc is soon launching a one of a kind peer to peer cryptocurrency market place. Their marketplace is 100% non-custodial,...

WorldMarkets continues with the success of its trading artificial intelligence

Today we live in the information age, and access to information is unlimited. And that produces the paradox of misinformation. That's why...

MyTvchain.com Records Growth for The First Blockchain ​​Web Tv Platform Dedicated to Sport Clubs And Athletes

Sophia Antipolis (France) and Singapore: The first web TV platform dedicated to sports clubs and athletes opened in...

Crypto-Broker Instacoins Receives Operating License in Estonia

Instacoins Estonia OÜ, a cryptocurrency brokerage, is pleased to announce it has received an operating license from the Estonian Financial Intelligence Unit (FIU). The...