New Dark Skippy Attack Lets Hackers Steal Secret Keys From Signing Device

In Cybersecurity News - Original News Source is cybersecuritynews.com by Blog Writer


The threat landscape is evolving significantly, and cybersecurity researchers are continuously developing new security mechanisms to mitigate these evolving and sophisticated threats.

Cybersecurity researchers Lloyd Fournier, Nick Farrow, and Robin Linus recently discovered a new Dark Skippy attack that enables hackers to steal secret keys from signing devices.

The attack was discovered on the 8th of March 2024, and the researchers privately disclosed the flaw to around 15 different vendors.

Dark Skippy is a sophisticated attack method that exploits corrupted firmware in Bitcoin hardware wallets and signing devices to leak secret keys.


Dark Skippy Attack

This technique, while primarily identified in the context of cryptocurrency security, may have broader applications in other cryptographic systems. Though theoretically powerful, Dark Skippy has not yet been observed in real-world attacks.


Dark Skippy does not target any specific hardware wallet or signing device.

Instead, it is a general process that any malicious signing device could execute. Currently, it is still theoretical and has never been seen in real-world attacks.

The key protection against Dark Skippy is to use genuine devices whose firmware has not been tampered with.

Once an attacker compromises a device with malicious firmware that supports executing a Dark Skippy attack, the user’s funds are immediately lost.

This brings to the forefront the importance of secure hardware wallets and continued vigilance within the cryptocurrency arena.

Dark Skippy targets Schnorr signing in cryptocurrency signing devices. The compromised firmware carries out the attack by manipulating the nonces it uses while creating signatures.

For an attacker, it has key advantages: it is covert, requires no additional communication channels, works against stateless devices, exfiltrates the master secret, and affects every user of a malicious device.

Rather than using random 32-byte nonces, the malicious firmware uses weak, low-entropy nonces derived from the secret seed. To this end, the 16-byte portion derived from the seed is split across two signatures.

The attacker scans for these tampered signatures and uses Pollard’s Kangaroo algorithm to extract secret nonces to reconstruct the full seed.

Advanced versions might add nonce blinding and transaction watermarking for increased stealth. This approach makes it much simpler for an adversary to get hold of the wallet’s private keys.

It is almost invisible to users and hard to dissect through forensics, stressing how critical hardware integrity and firmware verification are in cryptocurrency safety.
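The scan for low-entropy nonces described above can also be run defensively, as an audit of signatures produced by a device under test. The following is an added example, not code from the researchers or any vendor: it checks whether the nonce point R of a BIP340-style signature has a discrete log inside a small window, using baby-step giant-step on secp256k1 rather than the Pollard's Kangaroo search the article names. The 16-bit window, the function names and the sample values are assumptions constructed for illustration, and the nonce-blinded variants mentioned above would not be flagged by this check.

```python
P = 2**256 - 2**32 - 977  # secp256k1 field prime; N is the group order, G the generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, pt=G):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def small_nonce(r_x, bits=16):
    """Return k in [1, 2**bits] if r_x is the x-coordinate of +/-k*G, else None."""
    y2 = (pow(r_x, 3, P) + 7) % P
    y = pow(y2, (P + 1) // 4, P)
    if y * y % P != y2:
        return None                          # r_x is not on the curve
    m = 1 << ((bits + 1) // 2)
    baby, pt = {}, None
    for j in range(1, m + 1):                # baby steps: x(j*G) -> j
        pt = add(pt, G)
        baby[pt[0]] = j
    neg_step = (pt[0], P - pt[1])            # -(m*G); pt is now m*G
    lo = hi = (r_x, y)
    for i in range(m):                       # giant steps, covering both signs of R
        for q in (lo, hi):
            if q and q[0] in baby:
                return i * m + baby[q[0]]
        lo, hi = add(lo, neg_step), add(hi, pt)
    return None

# Constructed sample: R.x (first 32 bytes) of three signatures from a hypothetical device.
HONEST = int.from_bytes(b"constructed stand-in for a wide nonce", "big") % N
SAMPLE = [mul(HONEST)[0], mul(0xBEEF)[0], mul(N - 0x1234)[0]]
RESULTS = [small_nonce(x) for x in SAMPLE]   # -> [None, 48879, 4660]
```

A `None` result only means no nonce was found inside the searched window; it does not prove the device is honest.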

Recommendations

The cybersecurity analysts provided the following recommendations:

  • Check open-source firmware against the vendor’s public keys.
  • Use devices that automatically check firmware signatures.
  • Shield the device from physical tampering between uses.
  • Be wary of unexpected updates of firmware.
