NEW: FREE Web3 Resume Cheat Sheet DOWNLOAD NOW

Dark Skippy method can exploit Bitcoin hardware wallets

In this post:

  • A recent disclosure revealed a new method hackers use to leak user private keys from hardware wallets.
  • The method allows hackers to steal private keys after a user signs two transactions.
  • Users and hardware wallet makers are urged to take extra care to prevent the attack.

Security researchers recently disclosed a new type of malicious attack that allows hackers to access hardware wallets and user private keys after two signed transactions. The researchers dubbed the attack Dark Skippy that works if a hacker tricks a user into downloading a malicious firmware.

Nick Farrow, Lloyd Fournier, and Robin Linus published the disclosure detailing the information about Dark Skippy. Nick Farrow and Lloyd Fournier are co-founders of the upcoming hardware wallet firm Frostsnap. Robin Linus is involved in the Bitcoin protocols BitVM and ZeroSync.

The report explained how every signing device inserts random values known as nonces for every signed BTC transaction. Weak nonces can allow attackers to decipher private keys from the signatures through ‘nonce grinding.’ 

Dark Skippy attacks depend on a similar technique. An attacker introduces malicious firmware to the signing device. The malicious firmware generates weak nonces every time the device signs a transaction. 

An attacker can use techniques like Pollard’s Kangaroo Algorithm to compute the seed phrase and access a victim’s wallet. Dark Skippy is faster and requires fewer signed transactions compared to older nonce grinding techniques.

Researchers suggest mitigating measures for Dark Skippy

Nick, Robin, and Lloyd offered mitigation measures to deal with Dark Skippy. The researchers explained that most signing devices have hardware security defenses to prevent the loading of malicious firmware. Some include securing device physical access, employing hardware security techniques, buying legit signing devices, and more.

See also  "Kraken may know the identity of Satoshi" - Conor Grogan, Coinbase exec claims

Nick tweeted about suggested protocol-based mitigations used in the past, including anti-exfil and deterministic nonces. The three researchers presented new mitigation measures that could coexist with partially signed Bitcoin transactions (PSBT) signing workflows in their report.

The two suggested measures include mandatory adaptor signatures and mandatory nonce proof-of-work. The measures aim to disrupt the Dark Skippy attacks like new PSBT fields.

The Frostsnap co-founder still insisted on mitigation discussions and implementations to deal with the new threat. The researchers also asked readers and industry experts to provide feedback on the mitigation measures provided in the report. 

Bitrace warns about new QR code scams 

Bitrace recently tweeted about a new scam that tricks users into authorizing wallets. A recent crypto wallet theft victim contacted the company requesting assistance. The victim explained that their funds were all stolen after testing a transfer of 1 USDT through a QR code. The victim revealed that they couldn’t understand how someone robbed them after only scanning a QR code.

The data analytics company explained that QR code scams were a new scam type involving a QR code transfer test. The scammers first suggest an over-the-counter transaction to unaware victims. The bad actors then offer lower rates than other crypto market services. 

See also  Bitcoin February flip! Retail dumps, whales prepare for the next leg up

The company also revealed that scammers offer TRX as a fee for long-term cooperation and make a USDT payment to gain trust. The scammer then requests a small payment test to access a victim.

Bitrace tested the scam using an empty wallet and the QR code the victim provided. The company said the scan led them to a third-party website requesting a repayment amount. Once the victim confirms the transaction, scammers steal the wallet authorization. The cybercriminals then transfer all the funds from the victim’s wallet.

Cryptopolitan Academy: FREE Web3 Resume Cheat Sheet - Download Now

Share link:

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Editor's choice

Loading Editor's Choice articles...
Subscribe to CryptoPolitan