Ledger clients whose data was stolen in a breach were targeted in a phishing scam this past week. Below, our expert team at Kraken Security Labs has put together an analysis of the ongoing attack against Ledger clients. This instructive case study could prove useful…
Kraken has identified an active scam targeting the cryptocurrency community in which malicious actors are using fake identities to pose as members of our token listing team. Cryptocurrency teams that use LinkedIn and Telegram should be on high alert, as these efforts appear to be…
Kraken Security Labs has identified two new attacks that, if executed successfully by malicious actors, could compromise the security of Ledger Nano X wallet owners. These attacks affect wallets tampered with prior to the user receiving the wallet, as might occur in the event it…
At Kraken Security Labs, we try to discover attacks against crypto users before the bad guys do. The CoolBitX CoolWallet S is a credit-card sized wallet that pairs with mobile phone applications (both Android and iOS) via Bluetooth. We recently discovered the CoolWallet S Android…
Sure, we know that most of the devices, accounts and software in our tech-driven lives need to be secured. Even so, it can be difficult to find actionable tips, tricks and advice. If you’re looking for an easier way to optimize the services you use…
Consider a common scenario. A crypto investor is at work when he or she suddenly reads in the news that Bitcoin is about to “moon.” They want to increase their position, but cannot get home for several hours. Afraid of missing out on the opportunity,…
Kraken Security Labs has devised a way to extract seeds from both cryptocurrency hardware wallets offered from industry leader Trezor, the Trezor One and Trezor Model T. The attack requires just 15 minutes of physical access to the device. This is the first time that…
Kraken Security Labs has found a way to extract seeds from a KeepKey cryptocurrency hardware wallet. All that is required is physical access to the wallet for about 15 minutes. Here’s how we did it: This attack relies on voltage glitching to extract your encrypted…
You must be logged in to post a comment.