Dark Skippy method can exploit Bitcoin hardware wallets
The post Dark Skippy method can exploit Bitcoin hardware wallets appeared on BitcoinEthereumNews.com.
Security researchers recently disclosed a new type of malicious attack that allows hackers to access hardware wallets and user private keys after two signed transactions. The researchers dubbed the attack Dark Skippy; it works if a hacker tricks a user into downloading malicious firmware.

Nick Farrow, Lloyd Fournier, and Robin Linus published the disclosure detailing Dark Skippy. Nick Farrow and Lloyd Fournier are co-founders of the upcoming hardware wallet firm Frostsnap. Robin Linus is involved in the Bitcoin protocols BitVM and ZeroSync.

The report explained how every signing device inserts random values known as nonces for every signed BTC transaction. Weak nonces can allow attackers to decipher private keys from the signatures through 'nonce grinding.' Dark Skippy attacks depend on a similar technique. An attacker introduces malicious firmware to the signing device. The malicious firmware generates weak nonces every time the device signs a transaction. An attacker can use techniques like Pollard's Kangaroo Algorithm to compute the seed phrase and access a victim's wallet. Dark Skippy is faster and requires fewer signed transactions compared to older nonce grinding techniques.

Researchers suggest mitigating measures for Dark Skippy

Nick, Robin, and Lloyd offered mitigation measures to deal with Dark Skippy. The researchers explained that most signing devices have hardware security defenses to prevent the loading of malicious firmware. Some measures include securing physical access to the device, employing hardware security techniques, buying legitimate signing devices, and more.

Nick tweeted about suggested protocol-based mitigations used in the past, including anti-exfil and deterministic nonces. In their report, the three researchers presented new mitigation measures that could coexist with partially signed Bitcoin transactions (PSBT) signing workflows. The two suggested measures include mandatory adaptor signatures and mandatory nonce proof-of-work.

The measures aim to disrupt the Dark Skippy attacks like new PSBT fields. The Frostsnap co-founder…
Filed under: News - @ August 9, 2024 8:26 pm