Kraken has identified an active scam targeting the cryptocurrency community in which malicious actors are using fake identities to pose as members of our token listing team. Cryptocurrency teams that use LinkedIn and Telegram should be on high alert, as these efforts appear to be…
Kraken Security Labs has identified two new attacks that, if executed successfully by malicious actors, could compromise the security of Ledger Nano X wallet owners. These attacks affect wallets tampered with prior to the user receiving the wallet, as might occur in the event it…
At Kraken Security Labs, we try to discover attacks against crypto users before the bad guys do. The CoolBitX CoolWallet S is a credit-card sized wallet that pairs with mobile phone applications (both Android and iOS) via Bluetooth. We recently discovered the CoolWallet S Android…
Sure, we know that most of the devices, accounts and software in our tech-driven lives need to be secured. Even so, it can be difficult to find actionable tips, tricks and advice. If you’re looking for an easier way to optimize the services you use…
Consider a common scenario. A crypto investor is at work when he or she suddenly reads in the news that Bitcoin is about to “moon.” They want to increase their position, but cannot get home for several hours. Afraid of missing out on the opportunity,…
Kraken Security Labs has devised a way to extract seeds from both cryptocurrency hardware wallets offered from industry leader Trezor, the Trezor One and Trezor Model T. The attack requires just 15 minutes of physical access to the device. This is the first time that…
Kraken Security Labs has found a way to extract seeds from a KeepKey cryptocurrency hardware wallet. All that is required is physical access to the wallet for about 15 minutes. Here’s how we did it: This attack relies on voltage glitching to extract your encrypted…
Although much of the original KeepKey codebase is based on the Trezor One, their codebases have diverged. The KeepKey team added several mitigation mechanisms to make the KeepKey firmware resilient to the glitching attacks demonstrated during the Wallet.Fail talk at 35th Chaos Communications Congress; however,…
You must be logged in to post a comment.