New Crypto Wallet Vulnerability Puts Bitcoin at Risk
Researchers have identified a serious flaw in some crypto hardware wallets. This vulnerability lets attackers sign unauthorized Bitcoin transactions and steal private keys. The issue affects wallets using the ESP32 chip, a common microcontroller in embedded systems.
Crypto Deep Tech, a cybersecurity firm, highlighted this major flaw. The chip is used in wallets like Blockstream Jade and open-source projects such as Bowser and Colibri. Its Bluetooth and Wi-Fi features can be exploited to inject malicious updates, giving attackers access to sensitive data.
The chip has multiple weaknesses. A weak random number generator makes Bitcoin keys predictable. Broken validation checks allow invalid keys. Electrum-based wallets are particularly at risk. Attackers can forge signatures, making fake transactions seem real.
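The checks that the paragraph above describes as broken can be sketched as follows. This is an added example, not code from Crypto Deep Tech or from any wallet firmware; it assumes the secp256k1 curve that Bitcoin uses, and the function names are hypothetical.

```python
# Added example: input validation for secp256k1 keys and ECDSA signatures.
# Function names are hypothetical; the constants are the public curve parameters.
P = 2**256 - 2**32 - 977  # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798  # generator x
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8  # generator y


def is_valid_private_key(raw: bytes) -> bool:
    """A private key is exactly 32 bytes encoding an integer k with 1 <= k < N."""
    if len(raw) != 32:
        return False
    k = int.from_bytes(raw, "big")
    return 1 <= k < N


def is_valid_public_point(x: int, y: int) -> bool:
    """Coordinates must be field elements and satisfy y^2 = x^3 + 7 (mod P)."""
    if not (0 <= x < P and 0 <= y < P):
        return False
    return (y * y - (x * x * x + 7)) % P == 0


def is_valid_signature(r: int, s: int, require_low_s: bool = True) -> bool:
    """ECDSA scalars must lie in [1, N-1]; Bitcoin relay policy also wants s <= N/2."""
    if not (1 <= r < N and 1 <= s < N):
        return False
    return s <= N // 2 if require_low_s else True


if __name__ == "__main__":
    # Constructed sample inputs covering the boundary cases.
    keys = {
        "all-zero key": bytes(32),
        "key equal to N": N.to_bytes(32, "big"),
        "key N-1": (N - 1).to_bytes(32, "big"),
        "short key": b"\x01" * 31,
    }
    for label, raw in keys.items():
        print(f"{label:16} valid={is_valid_private_key(raw)}")
    print("generator on curve:", is_valid_public_point(GX, GY))
    print("off-curve point:   ", is_valid_public_point(GX, GY + 1))
    print("signature r=0:     ", is_valid_signature(0, 1))
```

A check of this kind catches out-of-range or malformed values only; it says nothing about whether a key was drawn from a predictable random number generator.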
This vulnerability is stealthy. In a test, researchers bypassed security, recovered a private key, and accessed a wallet with 10 BTC unnoticed. The risk extends beyond crypto wallets. It could lead to supply chain attacks and state-level espionage.
To stay safe, use trusted devices, keep software updated, and rely on secure cryptographic libraries. Despite being safer than software wallets, hardware wallets still have vulnerabilities.
Recently, Ledger Donjon found that Trezor’s latest models use a microcontroller vulnerable to physical attacks. Even with a secure element for PIN storage, the STM32 chip can be exploited through voltage glitching, a software-based attack that’s hard to detect.