Get the scoop on finance - sign up for mobile alerts
Scams, Hacks & Breaches
| On
February 12, 2023

Popular Hardware Crypto Wallet OneKey Hacked by Security Firm, Proving Critical Vulnerability

By Mehron Rokhy

A cybersecurity firm has hacked a popular crypto wallet, proving to its developers that it has critical vulnerabilities.

In a new video update, cybersecurity firm Unciphered reveals to its YouTube audience how they were able to crack the defenses of crypto wallet OneKey and inform its developers of the exploit.

ADVERTISEMENT

“Here’s how the hack works. You have the CPU and the secure element. The secure element is where you keep your crypto keys. Now, normally, the communications are encrypted between the CPU, where the processing is done, and the secure element.

Well it turns out it wasn’t engineered to do so in this space. We figured that out. So what you do is put a tool in the middle that monitors the communications and intercepts them and then injects [its] own commands.

We did that where it then tells the secure element it’s in factory mode and we can take your mnemonics out, which is your money in crypto. So what we’ve done is engage OneKey in their bug bounty program and we got them to patch it.”

According to the cybersecurity experts, OneKey was thankful the exploit was brought to their attention as bad actors could have used it to steal customer funds.

ADVERTISEMENT

“Something like this is a critical vulnerability. It’s really bad. OneKey was relieved we brought this to their attention, and that we did this before a nefarious actor found this and would steal people’s crypto.”

I

Don't Miss a Beat – Subscribe to get email alerts delivered directly to your inbox
Check Price Action
Follow us on X, Facebook and Telegram
Surf The Daily Hodl Mix
&nbsp
Disclaimer: Opinions expressed at The Daily Hodl are not investment advice. Investors should do their due diligence before making any high-risk investments in Bitcoin, cryptocurrency or digital assets. Please be advised that your transfers and trades are at your own risk, and any losses you may incur are your responsibility. The Daily Hodl does not recommend the buying or selling of any cryptocurrencies or digital assets, nor is The Daily Hodl an investment advisor. Please note that The Daily Hodl participates in affiliate marketing.

Featured Image: Shutterstock/GrandeDuc/Andy Chipus