Yishi
Yishi|May 12, 2026 03:08
OneKey Anzen Security Lab's research has been officially accepted by Black Hat USA. We’ll be demonstrating how to start from a memory corruption vulnerability and successfully hack some mainstream hardware wallets on the market. Even with multi-layer security designs like secure chips, OTP/fuses, key sharding, and defense-in-depth, the attack chain can still progress all the way to ultimately cracking the mnemonic phrase. This vulnerability isn’t in the wallet manufacturers’ own business code but rather in a widely reused USB reference SDK from a SoC vendor, representing a supply chain-level risk. POS terminals, card readers, trusted embedded devices—anything built on similar SDKs could be exposed to the same attack surface. One interesting aspect of this research is that, without JTAG, SWD, or any hardware debugging interfaces, we deeply utilized specific LLM models for memory leak analysis, firmware memory layout inference, payload iteration, privilege escalation, and ultimately cracking the mnemonic phrase. AI compressing the timeline for real vulnerability research and exploitation development means hardware security must step up its game. The Anzen team has responsibly disclosed this to the relevant parties, and once the affected vendors complete their fixes, we’ll share more details about the research. https://(blackhat.com)/us-26/briefings/schedule/index.html from-8-bytes-to-full-compromise-ai-assisted-exploitation-of-a-widespread-usb-flaw-in-a-dual-se-hardware-wallet-52311
+6
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads