A Shift Crypto employee successfully deployed a ransom attack on Trezor and KeepKey hardware wallets last May. While Trezor released a fix on September 2, KeepKey has yet to fix the issue. According to a blog post published on September 2, the vulnerability affected all cryptocurrencies on affected devices. The exploit, which was first spotted on April 15 by developers Shift Crypto, also affected KeepKey wallets — which were originally based on a fork of Trezor’s code and likely operate on similar foundations. When asked about the vulnerability, a KeepKey representative apparently commented that a fix had not yet been …
The hacker that breached the Ethereum.org forum is allegedly selling the databases for the three most-popular crypto hard wallets — Ledger, Trezor, and KeepKey. The three databases contain the name, address, phone number, and email for more than 80,000 users combined, however, they do not contain passwords for the accounts. The hacker has also recently listed the SQL database for online investment platform, BnkToTheFuture. Ledger and Trezor databases reportedly compromised On May 24, cyber crime monitoring website, Under the Breach, spotted the hacker’s new listings for the databases of the top hardware wallet providers. The hacker claims to be in …
Cryptocurrency swaps and hardware wallet producer ShapeShift addressed recent KeepKey hardware wallet vulnerability allegations. ShapeShift responded to an alleged vulnerability submitted through its responsible disclosure program in a Medium post published on Aug. 4. Per the announcement, the firm received a vulnerability report through the program on May 1, which described what the researchers believed to be a hardware vulnerability. The purported vulnerability would allow an attacker to read what was on the wallet’s screen by monitoring power fluctuations to the display in what is known as a side-channel attack. If attackers were monitoring the power levels while sensitive information …