OneKey, a leading crypto hardware wallet provider, was recently hacked by cybersecurity startup Unciphered. The hack was achieved in just one second, according to Unciphered.
The wallet manufacturer has since claimed that the vulnerability that allowed the breach has been fixed.
In a video posted on their YouTube channel, Unciphered explained the hack and how it worked. The hack was made possible due to a lack of encryption between the device’s central processing unit and the secure element, where crypto keys are stored.
An attacker could insert code, disassemble the OneKey Mini, return the device to ‘factory mode’, bypass the security pin, and take the mnemonic phrase.
The team at Unciphered engaged OneKey’s bug bounty program and worked with the manufacturer to patch the vulnerability.
OneKey has issued a statement saying that all disclosed vulnerabilities have been or are being fixed and that no one has been affected. The wallet provider also stressed that these attacks cannot be carried out remotely and would require physical access.
OneKey has claimed that other wallet providers have similar issues, but that they were the fastest to solve them. The manufacturer thanked Unciphered for their contributions to OneKey’s security by paying a bounty.
In conclusion, while OneKey strives for 100% security, it is unlikely to be achieved by any provider. White hackers and security firms play a crucial role in discovering vulnerabilities and helping manufacturers improve their security measures.
Roland is a Public Relations & Communications guru with an immense passion for the blockchain and crypto industry. A fusion of his expertise and passion led to the dawn of Optimisus in 2020.
Related posts
Penguiana Presale Goes Live With Almost 300 SOL Raised In 2 Hours
Sui Turns One: Debut Year of Growth and Tech Breakthroughs Puts Sui at Forefront of Web3
