Category Archives: News

2023, Articles, Cardokey, Eco-friendly, EviSwap NFC NDEF Technology, GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing

Posted on by FMTAD
Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.
08
Nov
NFC Business Cards with Cardokey by Jacques Gascuel: This article will be updated with any new information on the topic.

How to Create NFC Business Cards with Cardokey

Do you want to create your contact information in a simple, fast and eco-friendly way? Do you want to use NFC technology without spending a fortune or compromising your privacy? Then you need to read this article about Cardokey, the app that’s revolutionizing NFC business cards.

Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking
March 25, 2024
Cardokey NFC vCard Business: Edit, Read, and Import Contacts Seamlessly on iPhone.

2023 Articles Cardokey Eco-friendly EviSwap NFC NDEF Technology GreenTech

NFC Business Cards with Cardokey free for life: How to Connect without Revealing
November 8, 2023

2023 Articles Cyberculture Eco-friendly Electronics GreenTech Technologies

The first wood transistor for green electronics
April 29, 2023
Hardware Secrets Manager, Eco-friendly, NFC devices, works contactless from Freemindtronic is sustainable technology respects the environment design & product made in Andorra

Eco-friendly GreenTech

Hardware secrets manager Eco-friendly
April 25, 2021

NFC Business Cards: Create your NFC vCard with Cardokey, the Eco-Friendly and Secure NFC App

Are you looking for an eco-friendly way to create contactless business cards? Do you want to benefit from affordable NFC technology and prioritize privacy? You’ll love Cardokey – the app revolutionizing NFC business cards! Cardokey, the NFC business card that connects you while protecting your privacy.

What is Cardokey and how does it work?

Cardokey: Free App for Eco-Friendly NFC Business Cards

You can easily and free create and share your business cards, your social network links or links to your favorite sites for life. Recycle any NFC Tag, NFC Ticket, NFC Sticker or NFC card allowing the use of the NDEF format.
Use of the free Cardokey application is completely anonymous and does not ask for any personal or professional information. You therefore do not need to create an account or identify yourself to use Cardokey.

Cardokey: a compliant and sustainable solution

Cardokey adheres to various standards like ISO/IEC 7816-4, ISO/IEC 14443, NFC Forum Type 2, ISO/IEC 18092, and ISO/IEC 15693 without compromising your privacy or security. It also complies with international data protection laws such as GDPR, PIPEDA, CCPA, and more.

Cardokey is an eco-designed solution that contributes to the UN Goal 12. Consequently, it complies with international standards for eco-responsible practices, circular and solidarity economy, sustainable economy and carbon footprint reduction.

Cardokey: a compatible and versatile app

NFC business cards created with Cardokey are compatible with all NFC phones, Android and iPhone. The application works in real time, offline, without a database, including in airplane mode. This means that you can modify the information contained in the memory of your NFC media at any time. The app also allows you to format any NFC Media to NDEF format and also erase almost all types of NFC chips.

Cardokey: a simple and fast way to share your contact information

Digital business cards created with Cardokey can be shared in seconds. In fact, your interlocutor does not need to download a specific application in order to be able to read the information you wish to share. All he has to do is place the digital business card under his phone equipped with NFC technology to see the information.

How to create an NFC business card with Cardokey that fits the memory size of your NFC media?

The intelligent system of Cardokey

One of the most interesting features of Cardokey is the automatic management of the memory size of forms. The contact form indicates in real time the actual occupancy of the NDEF memory based on the number of characters. The Cardokey user knows the type of vCard information. He can store it according to the memory size. The memory size depends on the NFC media.

The different types of NFC Media and their memory size

It is possible to make a vCard with a minimum of name, surname and email information for a very small NFC memory4. For example, on an NTAG Nano, which has a capacity of 160 bytes and can store NDEF messages of up to 128 bytes, one can store basic information like a person’s name, surname, phone number, and email address.

Or, more complete information can be stored on a ST25TV02K chip, which has a capacity of 256 bytes and can store NDEF messages of up to 224 bytes. In this case, one can include a person’s name, surname, title, organization, phone number, email address, and postal address.

The steps to create an NFC business card with Cardokey

You can create NFC business cards that fit the memory size of your media without losing information. This allows you to optimize the use of your NFC Media and take advantage of their full capabilities.

To create NFC business cards that fit the memory size of your media, simply follow these steps:

  • Open the Cardokey app and choose the type of content you want to create (business card, URL link, social media link).
  • Enter the information you want to share in the contact form. The form tells you in real time how much memory your data is occupying and how much memory is available on your media.
  • Hover your smartphone to the NFC media of your choice. The app writes the data to the NFC media and confirms that the NFC business card has been created successfully.
  • Test your NFC business card by scanning it with your smartphone or another NFC phone. You’ll see the information you’ve shared on the screen.

That’s it, you’ve created an NFC business card adapted to the memory size of your media, thanks to Cardokey’s automatic form memory size management feature

What are the benefits of NFC business cards with Cardokey?

Cardokey is free and anonymous

Cardokey is a free app that lets you create NFC vCard business cards easily. You can create as many NFC business cards as you want, without paying any fees or signing up for any subscriptions. Moreover, Cardokey is completely anonymous and does not ask for any personal or professional information from the user. You don’t need to create an account or fill in any data. Everything works offline, in real-time, without a database.

Cardokey is easy to use

Cardokey is very easy to use, with one-click installation and operation. You don’t need any technical knowledge or specific hardware to create your NFC business cards. All you have to do is download the app on your smartphone, choose the type of content you want to create, enter the information you want to share, and swipe your smartphone on the NFC media of your choice. And there you have it, your NFC business card is ready! Furthermore, Cardokey features an intelligent system that optimizes the NDEF memory management of NFC media. This provides an optimal user experience.

How Cardokey protects your data with EviSwap NFC NDEF technology

The innovative features of EviSwap NFC NDEF technology

Cardokey uses EviSwap NFC NDEF technology by Freemindtronic for cybersecurity. This is an innovative technology that lets you create and share digital contacts contactless for life. With a simple click, you can create NFC business cards on any NFC media, whether it is disposable or not. You can give a new use to NFC tickets, cards, labels, and tags. You can also rewrite your NFC business cards at least a million times without any risk of error. You can use them for more than 40 years without needing a power source.

The standard and secure format of EviSwap NFC NDEF technology

EviSwap NFC NDEF technology is a technology that uses NFC to facilitate data exchange by implementing the NDEF NFC standard. NDEF stands for NFC Data Exchange Format. It is a standardized format that contains structured data, such as contacts, links, texts, images, etc. NDEF files are compatible with most computer and phone terminals, which can read and write them directly on the NFC memory. EviSwap NFC NDEF technology is especially used by Freemindtronic to exchange encrypted data from human to human from an NFC media, ensuring data security and privacy.

The performance and durability of EviSwap NFC NDEF technology for industrial chips

EviSwap NFC NDEF technology is also compatible with all NFC NDEF media, but it has the advantage of being optimized for Freemindtronic’s NFC HSM industrial chips. These chips can operate in a wide range of temperatures, from -40°C to +85°C. They can withstand harsh environments and resist shocks, vibrations, and water. They are ideal for applications that require reliability and robustness, such as logistics, manufacturing, or security. Moreover, EviSwap NFC NDEF technology is optimized to exchange the largest quantity of information stored in a large NFC memory. For example, it is possible to store NDEF messages of up to 7.9 kilobytes on an M24LR64E-R chip, which has a capacity of 8 kilobytes. In this case, one can add all types of vCard data as well as security keys, digital signature keys and other custom data.

Cardokey: the anonymous and reusable solution for creating NFC business cards

Cardokey is a secure and reusable solution. The Cardokey app works anonymously. It is not connected to a remote service. It does not store in the phone the data. It does not ask you for any information about the user. Finally, it works in real time in Air Gap Network Security . The EviSwap technology also includes an intelligent system to optimize the memory management of NFC media. The goal is to improve the user experience. The intelligent system informs the user in real time of the limits imposed by the maximum size of the NDEF memory available in the media. This allows you to easily store data according to the memory size.

Cardokey, an eco-friendly application

Cardokey isn’t just a universal app for people worldwide; it’s also eco-friendly, allowing you to recycle NFC media and reduce their environmental impact.

How Cardokey recycles NFC Media

NFC media, such as tags, cards or bracelets, are made of several elements and materials, such as PET (polyethylene terephthalate), aluminum or copper for the antenna, a silicon NFC chip, gold or other metals, and an adhesive. These materials are not all easily recyclable, and can cause pollution or waste problems. For example, PET is a common plastic, that is used in many consumer products, like water bottles or packaging. Although PET is recyclable, when it is used in large quantities and in the form of an NFC tag, it is hard to separate PET from other components for recycling, and it tends to clog the treatment filters. Moreover, the metal of an NFC antenna is difficult to recover and recycle. Finally, the NFC chip itself contains precious metals, that are often lost during the recycling process.

To avoid these problems, Cardokey offers an innovative and ecological solution: it allows you to recycle NFC media by reusing them to create new NFC business cards. Instead of throwing away your old NFC tags, cards or bracelets, you can transform them into NFC business cards with Cardokey, and give them a new life. You can also use existing NFC media, such as transport tickets, or access badges, and convert them into NFC business cards with Cardokey. You can thus enjoy all the benefits of NFC technology, without generating additional waste.

How Cardokey works with different types of NFC chips

Cardokey recycles all types of NFC chips (1, 2, 3, 4 and 5), regardless of ISO standards (14443, 15693, 18092). It detects chip types and adjusts accordingly for maximum compatibility. For example, Cardokey can read and write to NFC chips that have enough memory to store information, such as NTAG, MIFARE or ICODE chips. However, Cardokey will not be able to format, erase or modify NFC chips that are permanently locked.

How Cardokey helps you create personalized NFC business cards

By using Cardokey, you can recycle NFC media and turn them into personalized NFC business cards, that contain the information you want to share, such as your name, company, title, website, email, phone number, and more. You can also create URL links to documents or presentations that are useful for your business, such as quotes, contracts, portfolios, and more. You can also create pre-configured links to your favorite social networks, such as Deviantart, Discord, Facebook, Flickr, GitHub, ICQ, Instagram, LinkedIn, Mastodon, Medium, Pinterest, Reddit, Skype, Slack, Snapchat, SoundCloud, Spotify, Steam, Telegram, TikTok, Tumblr, Twitch, Twitter, VKontakte, WeChat, WhatsApp, YouTube, etc. Finally, you can manage your data and contacts in the NFC card, edit or delete them at any time, and view them on your phone or card.

How Cardokey contributes to the preservation of the planet

If we consider the 14 languages ​​available in the Cardokey application, this represents more than 3.7 billion potential users. These potential users can each recycle 10 NFC media each year. This represents 37 billion NFC supports annually. This reduces the environmental impact of NFC and helps preserve the planet.

How Cardokey is eco-friendly and compliant

Cardokey is an eco-designed solution that contributes to the UN Goal 12. This goal aims to ensure sustainable consumption and production patterns. It complies with ISO 14001, Basel and WEEE standards. It also follows international standards for eco-responsible practices, circular and solidarity economy, sustainable economy and carbon footprint reduction. In addition, Cardokey complies with various standards and regulations. These include ISO/IEC 7816-4, ISO/IEC 14443, NFC Forum Type 2, ISO/IEC 18092 and ISO/IEC 15693. It also follows international law rules on the protection of private and professional data. These include the General Data Protection Regulation (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA), the California Consumer Privacy Act (CCPA), and others.

Unlike other NFC business card solutions, which are often paid, limited, complex or not very environmentally friendly, Cardokey offers you a free, unlimited, simple and eco-designed solution.

Cardokey therefore offers you an innovative and ecological solution to create NFC business cards that look like you and that suit your needs. Thanks to its recycling feature, you can also reuse NFC media and turn them into personalized NFC business cards.

Cardokey: a universal app

Cardokey is designed to let you create and manage your NFC business cards in a simple and efficient way. But did you know that Cardokey is also a universal app, which can be used by people from all over the world, regardless of their language?
Indeed, Cardokey is available in 14 languages: Arabic, Catalan, Chinese, English, French, German, Hindi, Italian, Japanese, Portuguese, Romanian, Russian, Spanish, and Ukrainian. This represents more than 86.02% of the languages spoken in the world, and more than 3.7 billion people who can use the app in their native language or in a language they master.

Moreover, Cardokey automatically adapts to the language of the phone where it is installed. If the user changes the language of their phone, Cardokey will do the same. Thus, you can create and manage your NFC business cards in the language of your choice, and enjoy all the features of the app.

You can also choose to share your information in multiple languages, by creating different profiles for each language. For example, you can have a profile in French for your French-speaking contacts, a profile in English for your English-speaking contacts, and a profile in Chinese for your Chinese contacts.

Cardokey offers you great flexibility and creativity to create NFC business cards that suit you and your needs.

How NFC vCards work

NFC stands for Near Field Communication. It is a technology that allows two media to communicate with each other when they are close to each other. NFC business cards with Cardokey use this technology to share your contact information in a simple and fast way.

An NFC tag is a media that contains a tiny electronic chip that can store and exchange data. It can have different shapes, such as stickers, keychains or physical cards. When you bring your smartphone near an NFC tag, the data associated with the tag appears automatically on your screen.

NFC vCard business cards with Cardokey are a great alternative to paper business cards, which are often thrown away, lost or outdated. They are eco-friendly, reusable and updated. They also save you time and money, as you don’t need to print or carry them. Moreover, they are more secure and anonymous, as you don’t need to share your personal data or connect to the Internet to use them.

What are the features of Cardokey NFC vCard business cards?

Cardokey offers many features that allow you to create and manage your NFC digital business cards. Here’s a table that summarizes Cardokey’s features:

Function Available
Create a vCard (contact) taking into account the available space ✔️
Create an NDEF NFC Vcard (Manually) ✔️
Create a vCard from an existing contact in the phone ✔️
Modify any existing NFC vCard created by other paid or free apps to make it easier to recycle and update them ✔️
Delete data stored in the NDEF of an NFC media ✔️
Format all types of NFC media to add NDEF compatibility ✔️
Create and store in the NDEF memory of any existing NFC media: your pre-configured links for social networks, the url of your choice, a vCard contact ✔️
Data management in the NFC Media: Create, Read, Update, Delete (CRUD) ✔️
Explanation of each pcictogram and its feature in the application ✔️
Show contact on phone and NFC Media ✔️
Automatic management of the memory size of the NFC card ✔️
Translation into 14 languages: CA, FR, EN, UK, ES, DE, IT, PT, RO, RU, AR, HI, ZH,JP ✔️
Information de contact de Freemindtronic ✔️
Information about the publisher of the Freemindtronic software ✔️
Direct link on the play store to buy the Cardokey Pro version and NFC Medial ✔️
Cardokey is a recycling solution for all types of disposable or non-disposable NFC Media ✔️

 

With these features, you can create a custom NFC business card, which contains the information you want to share, such as your name, company, title, website, email, phone number, and more. You can also create URL links to documents or presentations that are useful for your business, such as quotes, contracts, portfolios, and more. You can also create pre-configured links to your favorite social networks, such as Deviantart, Discord, Facebook, Flickr, GitHub, ICQ, Instagram, LinkedIn, Mastodon, Medium, Pinterest, Reddit, Skype, Slack, Snapchat, SoundCloud, Spotify, Steam, Telegram, TikTok, Tumblr, Twitch, Twitter, VKontakte, WeChat, WhatsApp, YouTube, etc. Finally, you can manage your data and contacts in the NFC card, edit or delete them at any time, and view them on your phone or card. These features give you a lot of freedom and creativity to create NFC business cards that look and match you.

What are the use cases for NFC business cards with Cardokey?

There are many of them, whether for business or personal needs. Here are some examples of use cases:

Andorra: keep in memory a special event

During the winter, a family visits Andorra’s Granvalira for their child’s first ski lesson and to experience their first snowflake, star, etc. The family keeps the NFC ski ticket formatted in NDEF format. Then, they save a URL that links to a page with all the photos and videos of this event. The ski ticket has become a souvenir object that will be kept for several years. In this case, Cardokey allows you to create an NFC business card with a URL that links to a page where there are all the photos, videos of this event.

Exhibitor: a connected poster with NFC tags

At a booth event, Marius uses self-adhesive NFC tags that they stick behind a poster holder advertising their products with a URL link that directs the visitor to their product information on the poster. The exhibitor can change the poster of his support with Cardokey. He can put a new poster and change the URL link of his new poster. This way, the exhibitor makes a simple poster a connected poster. In this case, Cardokey allows you to create an NFC business card with a URL link that directs the visitor to your product information on the poster.

Goodies: Offer NFC business cards

During a trade show, Mary offers her visitors NFC business cards with her brand as goodies. This allows her to make herself known and retain the loyalty of his potential clients, who will be able to scan her NFC business card with their smartphone to access her website, her LinkedIn profile, her portfolio, etc. Mary can purchase her NFC media from any NFC media e-commerce site or order from Cardokey NFC Cards with an extremely long lifespan of up to 1 million writes and 40 years of vCard retention NFC or URL or network link. In this case, Cardokey allows you to create an NFC vCard with all of Mary’s contact details to offer to her visitors.

Tourist: NFC business cards in different languages

While traveling abroad, Tao uses Cardokey to create his NFC business card with his contact details in his native language. This allows him to easily introduce himself to the people he meets. In fact, they will be able to scan his vcard with their smartphone to see the information translated into their language. He can also use Cardokey to save URL links to websites or applications useful for his trip, such as tourist guides, maps, booking services, etc. In this case, Cardokey allows you to create an NFC business card with your contact details in your native language.

Family: An NFC business card collecting memories

During a family reunion, a family member uses Cardokey to store links to photos and memories on NFC media. Before leaving each other, everyone takes their NFC media. Later, they will be able to relive their life moments with their loved ones, who will simply scan the NFC vcards with their smartphone to view their images, videos, messages, etc. They will also be able to use Cardokey to create URL links to websites or applications that are important to them, such as associations, causes, passions, etc. In this case, Cardokey allows you to create an NFC business card with your photos and memories.

How to download and install Cardokey?

To use Cardokey, you need an NFC-enabled smartphone, i.e. one that has an NFC chip and can read and write NFC data. Most recent smartphones are NFC-enabled, but you can check your smartphone’s compatibility on the Cardokey website.

Cardokey is available in 14 languages (Arabic, Catalan, Chinese, German, English, French, Hindi, Italian, Japanese, Portuguese, Romanian, Russian, Ukrainian). You can download it in any country that accepts the Google play store or app store platform.

To download and install Cardokey on your smartphone, all you need to do is follow these steps:

  • Go to the Google Play Store or App Store and search for “Cardokey”.
  • Select the app and click “Install”.
  • Open the app and agree to the terms of use.
  • Start creating your NFC business cards!

If you are interested in Cardokey, feel free to download it now by clicking on the following link:

In short

Cardokey is a free, user-friendly, eco-conscious app compliant with global privacy and data protection laws. It allows you to create NFC vCard business cards for all Android and iPhone NFC phones. It also lets you reuse and customize NFC media.

Cardokey is the NFC business card that connects you without revealing you. It lets you exchange your contact details without contact and without paper. It offers you a free, unlimited, simple and eco-designed solution.

Definition of technical terms:

  • NFC (Near Field Communication): a technology that allows two devices to communicate with each other when they are close to each other.
  • NDEF (NFC Data Exchange Format): a standard format for storing and exchanging data on NFC media.
  • vCard: a digital format for storing and sharing contact information, such as name, phone number, email address, etc.
  • Air Gap
2023, Articles, DataShielder, Digital Security, Military spying, News, NFC HSM technology, Spying

Pegasus: The cost of spying with one of the most powerful spyware in the world

Posted on by FMTAD
Pegasus The Cost of Spying with the Most Powerful Spyware
17
Oct
Pegasus by Jacques Gascuel: This article will be updated with any new information on the topic.

Pegasus: The Cost of Spying

Pegasus is a powerful spyware that has been used by several countries to spy on political figures, journalists, human rights activists or opponents. How does it work, who has been spied on, what are the consequences, and how much does it cost? Find out in this article.

Pegasus: The Cost of Spying with the Most Powerful Spyware in the World

Pegasus is a spyware developed by the Israeli company NSO Group. It allows to remotely monitor the activities of a mobile phone. According to an investigation conducted by a consortium of international media, several countries have used this software to spy on political figures, journalists, human rights activists or opponents.

The scandal of Pegasus has provoked a global outcry. It has raised many questions about the legality, the ethics and the consequences of this cyber-surveillance. How does Pegasus work? Who has been spied on by Pegasus? Who is responsible for the spying? What are the consequences of the spying? And most importantly, how much does Pegasus cost?

In this article, we will try to answer these questions in detail. We will use reliable and verified sources of information. We will also present some statistics and comparisons to give you an idea of the scale and the impact of Pegasus.

What is Pegasus?

Pegasus is a spyware, also called spy software. It allows to remotely monitor the activities of a mobile phone. It can access the messages, the calls, the contacts, the photos, the videos, the location, the microphone or the camera of the target phone. It can also activate or deactivate certain functions of the phone, such as Wi-Fi or Bluetooth.

Pegasus: a spyware that raises many questions

Pegasus is a powerful spyware that the NSO group designed. It can monitor and steal data and activities from mobile phones secretly. The NSO group is an Israeli company founded in 2010 by former members of Unit 8200; the Israeli military intelligence service. The company claims that its software aims to fight terrorism and organized crime; such as pedophiles or cartel leaders. It also claims that it only sells it to governments or authorized security agencies; with the approval of the Israeli Ministry of Defense. The countries that acquire these systems must respect their commitments stipulated in the license.

However, a consortium of international media outlets revealed that many countries have used Pegasus for other purposes. They have monitored various people, including politicians, journalists, human rights activists and political opponents. This raises many questions about the protection of privacy and human rights in the digital age. It also exposes the vulnerabilities and challenges of cybersecurity in a world where surveillance technologies are becoming more powerful and discreet.

Pegasus works by exploiting security flaws in the operating systems of phones, such as iOS or Android. It can infect a phone in two ways: either by sending a malicious link to the target phone, which must click on it to be infected; or by using a technique called “zero-click”, which allows to infect a phone without any interaction from the user.

Pegasus is a very sophisticated and discreet software. It can self-destruct or camouflage itself to avoid being detected. It can also adapt to security updates of operating systems to continue working. According to NSO Group, Pegasus is able to target more than 50,000 phone numbers in the world.

Unveiling Pegasus Attack Vectors: Stealth and Subterfuge in Cyber Espionage

In the Shadows of Cyber Espionage: Pegasus Strikes Unseen

In the realm of cyber espionage, Pegasus has mastered the art of covert infiltration, employing a spectrum of attack vectors designed to leave its targets unaware and defenseless. As a specialized journalist in the field of espionage, we delve into the clandestine world of Pegasus, shedding light on the methods it employs to breach digital fortresses.

Email: The Trojan Horse

Pegasus’s espionage campaign often commences with a seemingly innocuous email. The target receives a carefully crafted message, concealing a malicious payload. This deception operates with remarkable subtlety, bypassing traditional safeguards. Victims unknowingly execute the payload, granting Pegasus a foothold into their digital lives.

SMS Intrigue: Texts That Betray

SMS messages can become instruments of betrayal when wielded by Pegasus. Crafted to exploit vulnerabilities in messaging apps, these seemingly harmless texts harbor malicious intent. Clicking on a compromised message can be all it takes for Pegasus to silently infiltrate a device.

Web of Deceit: Navigating Vulnerabilities

Pegasus’s reach extends into the very fabric of the internet. Web browsers, portals to information and connectivity, can become gateways for intrusion. By exploiting unpatched browser vulnerabilities, Pegasus sidesteps user interaction, infiltrating systems silently.

WhatsApp’s Vulnerable Connection

Even encrypted platforms like WhatsApp are not impervious to Pegasus’s advances. The spyware capitalizes on vulnerabilities in this widely used messaging app. A simple call on WhatsApp can translate into a gateway for Pegasus’s covert surveillance.

Zero-Click: A Stealthy Intrusion

The pinnacle of Pegasus’s subterfuge is the “Zero-Click” attack vector. Unlike other methods, “Zero-Click” requires no user interaction whatsoever. It preys upon deep-seated operating system vulnerabilities. Pegasus slips in unnoticed, operating in the shadows, and evading all user alerts.

The Stealth Within Pegasus: An Unseen Hand

Pegasus’s ability to infiltrate devices without leaving a trace raises profound concerns regarding detection and defense. Victims may remain oblivious to their compromised status, and traditional security measures struggle to counteract this stealthy foe.

Pegasus Continues to Threaten iPhone User Privacy and Security

In the ever-evolving landscape of digital security, the Pegasus spyware remains a significant threat to iPhone users’ privacy and security. Despite Apple’s rigorous efforts to enhance iOS safeguards, the sophisticated surveillance tool developed by the Israeli firm NSO Group has continually adapted, finding new ways to infiltrate the defenses of one of the world’s most popular smartphones.

Apple’s Proactive Measures Against Pegasus

Apple has been at the forefront of the battle against cyber threats, releasing timely security updates and patches aimed at thwarting Pegasus’s advanced techniques. The company’s commitment to user privacy has led to the development of new security features designed to protect sensitive information from unauthorized access. However, the dynamic nature of cyber threats, exemplified by Pegasus, poses an ongoing challenge to even the most secure platforms.

The Impact on iPhone Users

For iPhone users, the threat of Pegasus spyware is more than just a privacy concern; it’s a direct attack on their freedom of expression and the security of their personal data. The ability of Pegasus to covertly monitor conversations, access encrypted messages, and even activate cameras and microphones without consent has raised alarms worldwide. This level of surveillance capability not only endangers individual users but also threatens the integrity of global communications networks.

Recent Revelations in Jordan Amplify Global Pegasus Concerns

In 2024, shocking reports emerged, spotlighting Jordan’s use of Pegasus against journalists and activists. This development underscores the pervasive reach of NSO Group’s spyware. Allegedly, the Jordanian authorities targeted individuals crucial to civil society. These actions have stoked fears about privacy invasions and press freedom suppression. Amidst Israel-Jordan tensions, this move signals a worrying trend of using cyberweapons to stifle dissent. Consequently, global watchdogs are calling for stringent controls on spyware sales and usage. This incident not only highlights the urgent need for robust digital rights protections but also raises significant ethical questions about surveillance technologies’ global impact.

India’s Pegasus Scandal: A Deep Dive into Surveillance and Democracy

The year 2023 brought to light India’s alleged surveillance of journalists and opposition figures using Pegasus. This revelation has sparked a nationwide debate on privacy, press freedom, and democratic values. High-profile journalists and political dissenters reportedly fell victim to this covert tool, leading to widespread condemnation. Despite government denials and a lack of cooperation with Supreme Court probes, the issue remains unresolved. Such use of Pegasus not only threatens individual freedoms but also undermines the very fabric of democratic societies. As countries grapple with the dual use of surveillance technologies, the call for transparent, regulated, and ethical practices has never been louder. This situation serves as a crucial reminder of the delicate balance between national security and personal liberties.

How Pegasus spied on the Catalan independence movement and the Spanish government

Pegasus, a powerful spyware designed by the NSO Group, has the capability to clandestinely monitor and steal data and activities from mobile phones. A consortium of international media outlets exposed the fact that numerous countries have employed Pegasus to conduct surveillance on various individuals, including political figures, journalists, human rights activists, and political opponents.

In Spain, the Pegasus scandal unfolded, implicating over 60 individuals associated with the Catalan independence movement. According to a report from Citizen Lab, Pegasus was utilized to target these individuals between 2017 and 2020. In an alarming twist, the Spanish government itself accused Pegasus of spying on its own officials in 2021.

The Catalan independence movement under surveillance

The Catalan independence movement represents a political and social endeavor that aims to secure Catalonia’s independence from Spain. This movement gained significant momentum in 2017 when the Catalan government conducted an unauthorized referendum on self-determination. In response, the Spanish government took action by suspending Catalonia’s autonomy and apprehending several of its leaders.

Citizen Lab’s report revealed that Pegasus had specifically targeted more than 60 individuals associated with the Catalan independence movement from 2017 to 2020. This list includes notable figures such as three presidents of the Generalitat of Catalonia: Artur Mas, Quim Torra, and Pere Aragonès. These individuals have taken legal action, filing a complaint against Paz Esteban and the NSO Group. Paz Esteban serves as the director of CNI, Spain’s intelligence service.

Additional alleged victims encompass Members of the European Parliament, lawyers, journalists, and activists. For example, Carles Puigdemont, the former president of Catalonia who sought refuge in Belgium following the referendum, was also subjected to Pegasus surveillance. The list further includes Roger Torrent, the former speaker of the Catalan parliament, and Jordi Cañas, a pro-union Member of the European Parliament.

The Spanish government under attack

The situation escalated in significance when the Spanish government disclosed that Pegasus had also surveilled its own officials in 2021. The government attributed this to an “external attack” but refrained from identifying the perpetrators. Various media outlets hinted at the possibility of Moroccan involvement, occurring against the backdrop of a diplomatic standoff between the two nations.

Prime Minister Pedro Sánchez and Defense Minister Margarita Robles were among the primary targets. In February 2021, while on an official visit to Morocco, their mobile phones fell victim to Pegasus infections8. This compromise allowed the spyware access to their messages, calls, contacts, photos, videos, location, microphone, and camera.

Additionally, Foreign Minister Arancha González Laya and Interior Minister Fernando Grande-Marlaska faced Pegasus surveillance in May 2021. This intrusion occurred during their management of a migration crisis in Ceuta, a Spanish enclave in North Africa that witnessed a mass influx of Moroccan migrants.

The outcry of the victims

Those who have potentially or definitively fallen victim to Pegasus expressed their outrage and concerns surrounding this spying scandal. They vehemently decried it as a grave infringement upon their fundamental rights and vociferously demanded both explanations and accountability. Furthermore, they sought access to the findings of the judicial investigation and the data collected by the spyware.

For example, Quim Torra expressed feeling “violated” and “humiliated” by the intrusive spying. He squarely pointed fingers at the Spanish state and demanded an apology from Prime Minister Sánchez. Torra also declared his intent to pursue legal action against NSO Group and CNI.

Likewise, Pedro Sánchez conveyed his profound worry and anger regarding the spying. He committed to seeking clarifications from Morocco and Israel while simultaneously reinforcing his government’s cybersecurity measures.

What are the consequences of the spying?

Spying by Pegasus inflicted severe consequences on the victims, as well as society and democracy. It violated the victims’ right to privacy, freedom of expression, freedom of information, and presumption of innocence. Additionally, it jeopardized the security, reputation, and well-being of the victims.

Pegasus’ spying activities also eroded trust and cooperation among various actors and institutions. It fostered an atmosphere of suspicion and hostility between Spain and Morocco, neighboring countries with historical and economic ties. Furthermore, it deepened divisions between Madrid and Barcelona, two regions with political and cultural distinctions. The spying undermined the credibility and legitimacy of the Spanish government and its intelligence service.

Moreover, Pegasus’ spying efforts raised awareness and concerns regarding the dangers and abuses of cyber-surveillance. It revealed the lack of control and accountability over the use of spyware by governments and private companies. The spying underscored the necessity for enhanced protection and regulation for human rights defenders, journalists, activists, and other vulnerable groups.

The cost of Pegasus by country: an estimation based on the available sources

NSO Group, an Israeli company specialized in cyber-surveillance, developed Pegasus, a spyware capable of infecting smartphones and accessing their data, including messages, photos, contacts, and location. Pegasus can also activate the microphone and camera of the phone, effectively turning it into a spying tool. But how much does it cost to use Pegasus? And which countries can afford it? This section will attempt to answer these questions based on the available information.

Firstly, the cost of using Pegasus depends on several factors, such as the number of phones targeted, the duration of surveillance, and the type of contract signed with NSO Group. According to The Guardian’s estimate, which relies on internal documents from NSO Group dating back to 2016, a license to monitor 50 smartphones cost 20.7 million euros per year at that time. Similarly, a license for monitoring 100 smartphones cost 41.4 million euros per year. It remains uncertain whether these prices have changed since 2016 or if NSO Group has offered discounts or rebates to certain clients.

Subsequently, the estimated cost of Pegasus by country derives from the number of phones targeted and the operation’s duration, using the average cost provided by The Guardian. These data are approximations and may vary depending on the sources. For instance, Saudi Arabia targeted approximately 15,000 numbers with Pegasus, according to Le Monde, but The Washington Post suggests a figure of 10,000. Likewise, Le Monde indicates that Morocco commenced using Pegasus in 2017, whereas Citizen Lab asserts it was in 2016.

Here is a summary table of the estimates of the cost of Pegasus by country:

Country Number of Phones Targeted Duration of Operation (years) Estimated Cost (in millions of euros)
Spain 60 6 248.4
Saudi Arabia 10 000 5 2070
Azerbaijan 5 000 4 828
Bahrain 3 000 3 372.6
Kazakhstan 1 500 2 124.2
Mexico 15 000 2 1242
Morocco 10 000 5 2070
Rwanda 3 500 4 579.6
Hungary 300 4 49.8
India 1 000 3 124.2
United Arab Emirates 10 000 5 2070

Finally, the total estimated cost of Pegasus for these ten countries would be about 10.5 billion euros over a period of five years.

The cost of Pegasus compared to other indicators

In addition to these estimates, we can also compare the cost of Pegasus with other indicators or expenditures, such as the average income or the budget of a country. This can help us to gain insight into the scale and impact of Pegasus.

For instance, according to Statista, Spain’s average annual income per capita in 2020 was $30,722. El País reported the budget of the Spanish Intelligence Agency (CNI) to be $331 million in 2020, while El Mundo stated that Catalonia’s budget was $40 billion in the same year.

Here is a summary table of the data:

Source Estimated Cost of Pegasus
Le Monde $7 to $20 million per year for 50 to 100 smartphones
TEHTRIS $9 million for 10 targets, $650,000 for a single target
Alain Jourdan $500 million for Spain (Source credibility unclear)
Average Income in Spain (2020) $30,722 per year
Budget of CNI (Spanish Intelligence Agency, 2020) $331 million
Budget of Catalonia (2020) $40 billion

The table demonstrates that Pegasus costs are very high compared to other indicators or expenditures. For instance, according to our previous estimation in the preceding section, Spain would have expended about 248.4 million euros over six years to monitor 60 phones with Pegasus. This amount equals approximately 8 times the budget of the Spanish Intelligence Agency (CNI) in 2020 or about 6% of Catalonia’s budget in the same year. Furthermore, this sum is equivalent to about 8,000 times the average annual income per capita in Spain in 2020.

In conclusion comparison

This comparison highlights that Pegasus represents a significant expense for its users, funds that could have been allocated to other purposes or needs. Moreover, it emphasizes the disproportionate nature of Pegasus costs concerning its victims, often ordinary citizens or government employees.

Assessing the cost of Pegasus with certainty is challenging because it depends on several factors, such as the number of phones targeted, the duration of surveillance, and the type of contract NSO Group signed. To obtain a clearer and more comprehensive view of the cost and scope of Pegasus use, access to NSO Group’s and its clients’ internal data would be necessary.

Statistics on Pegasus: a glimpse into the scale and diversity of Pegasus espionage

NSO Group, an Israeli company specialized in cyber-surveillance, developed Pegasus, a spyware. Pegasus can infect smartphones and access their data, such as messages, photos, contacts, and location. Pegasus can also activate the microphone and camera of the phone, turning it into a spying tool.

But who are the victims of Pegasus? And how many are they? In this section, we will present some statistics based on the available data.

It is important to note that these statistics are not comprehensive, as a sample of 50,000 phone numbers selected by NSO Group’s clients as potential targets forms the basis for them. Forbidden Stories and Amnesty International obtained this sample and shared it with a consortium of media outlets that conducted an investigation. The actual number of Pegasus targets may be much higher, as NSO Group claims to have more than 60 clients in 40 countries.

According to The Guardian’s analysis of the sample:

  • More than 1,000 individuals in 50 different countries have been confirmed as successfully infected with Pegasus.
  • Over 600 politicians and government officials, including heads of state, prime ministers, and cabinet ministers, were identified as potential targets.
  • More than 180 journalists working for prominent media outlets like CNN, The New York Times, Al Jazeera, or Le Monde were selected as potential targets.
  • Over 85 human rights activists, including members of organizations like Amnesty International and Human Rights Watch, were identified as potential targets.

According to Le Monde’s analysis of the same sample:

  • Morocco selected more than 15,000 individuals as potential targets between 2017 and 2019.
  • Mexico selected over 10,000 potential targets between 2016 and 2017.
  • Saudi Arabia selected more than 1,400 potential targets between 2016 and 2019.
  • India selected over 800 potential targets between 2017 and 2019.

Here is a summary table of the key findings from both sources:

Data Source Key Findings
The Guardian (Sample of 50,000 Numbers) Over:

  • 1,000 infections in 50 countries
  • 600 politicians and government officials targeted
  • 180 journalists selected as potential targets
  • 85 human rights activists identified as potential targets
Le Monde (Sample of 50,000 Numbers) Over:

  • 15,000 potential targets in Morocco (2017-2019)
  • 10,000 potential targets in Mexico (2016-2017)
  • 1,400 potential targets in Saudi Arabia (2016-2019)
  • 800 potential targets in India (2017-2019)

These statistics reveal Pegasus surveillance’s extensive reach and diversity, affecting a wide range of individuals and countries with varying motivations and interests. Moreover, they show that Pegasus surveillance has been ongoing for several years without anyone detecting or stopping it.

In conclusion, these statistics provide a glimpse into the scale and diversity of Pegasus espionage. However, they are not exhaustive and may not fully reflect the true extent of Pegasus surveillance. To have a clearer and more complete picture of the victims and the consequences of Pegasus, access to the internal data of NSO Group and its clients would be necessary.

Pegasus Datasheet: a summary of the features and capabilities of Pegasus spyware

Pegasus is a spyware developed by the Israeli company NSO Group, designed for remote monitoring of mobile phone activities. Pegasus can infect smartphones and access their data, such as messages, calls, contacts, photos, videos, location, microphone, and camera. Pegasus can also control some functions of the phone, such as enabling or disabling Wi-Fi, Bluetooth, and more. Pegasus can infect phones through different methods, such as malicious link delivery or the insidious “zero-click” technique, which does not require any user interaction. The duration and frequency of Pegasus surveillance depend on the contract signed with NSO Group, which can vary from client to client.

Below is a datasheet detailing Pegasus, including price estimates and periodicity:

CHARACTERISTIC VALUE ATTACK VECTOR
Name Pegasus  
Developer NSO Group  
Type Spyware  
Function Remote monitoring of mobile phone activities  
Infection Method Malicious link delivery or the insidious “zero-click” technique Email, SMS, Web Browsing, WhatsApp, Zero-Click
Data Access Messages, calls, contacts, photos, videos, location, microphone, camera  
Function Access Capable of enabling/disabling Wi-Fi, Bluetooth, and more  
Periodicity Varied, dependent on contract duration and frequency of updates  
Price Estimate $7 to $20 million per year for 50 to 100 smartphones

Assessing the Pegasus Threat Level After Security Updates and Utilizing Anti-Pegasus Tools

Pegasus is a spyware that exploits security flaws in the operating systems of phones, such as iOS or Android. To reduce the level of threat of Pegasus, one of the ways is to update and patch these operating systems regularly, to fix the vulnerabilities that Pegasus can use.

How security updates can protect the devices from Pegasus

In September 2021, Apple released iOS 14.8 and macOS 11.6 as security updates to protect its devices from the zero-click exploit used by Pegasus. Citizen Lab discovered this exploit, called FORCEDENTRY, in August 2021. FORCEDENTRY allowed Pegasus to infect iPhones without any user interaction. Apple urged its users to install the updates as soon as possible to protect themselves from Pegasus.

Google also released security updates for Android devices in August 2021, according to Linternaute. These updates fixed several vulnerabilities that Pegasus or other spyware could exploit. Google did not specify if these vulnerabilities were related to Pegasus, but it advised its users to update their devices regularly to ensure their security.

However, updating and patching the operating systems may not be enough to prevent or detect Pegasus infections. Pegasus can adapt to security updates and use new exploits that security experts have not yet discovered or fixed.

Advanced Detection and Protection Against Pegasus Spyware

In the ongoing effort to combat the sophisticated Pegasus spyware, cybersecurity experts have developed advanced tools and methods to detect and neutralize such threats. Kaspersky, a leader in global cybersecurity, has recently unveiled a groundbreaking approach that enhances our capability to identify and mitigate the impact of iOS spyware including Pegasus, as well as newer threats like Reign and Predator.

Kaspersky’s Innovative Detection Method

Leveraging the untapped potential of forensic artifacts, Kaspersky’s Global Research and Analysis Team (GReAT) has introduced a lightweight yet powerful method to detect signs of sophisticated spyware infections. By analyzing the Shutdown.log found within the iOS sysdiagnose archive, researchers can now identify anomalies indicative of a Pegasus infection, such as unusual “sticky” processes. This method provides a minimally intrusive, resource-efficient way to pinpoint potential spyware compromises.

Empowering Users with Self-Check Capabilities

To democratize the fight against spyware, Kaspersky has developed a self-check tool available to the public. This utility, based on Python3 scripts, allows users to independently extract, analyze, and interpret data from the Shutdown.log file. Compatible with macOS, Windows, and Linux, this tool offers a practical solution for users to assess their devices’ integrity.

Comprehensive User Protection Strategies

Beyond detection, protecting devices from sophisticated spyware demands a multifaceted approach. Kaspersky recommends several proactive measures to enhance device security:

  • Reboot Daily: Regular reboots can disrupt the persistence mechanisms of spyware like Pegasus, which often relies on zero-click vulnerabilities for infection.
  • Enable Lockdown Mode: Apple’s Lockdown Mode has shown effectiveness in thwarting malware infections by minimizing the attack surface available to potential exploiters.
  • Disable iMessage and Facetime: Given their popularity as vectors for exploitation, disabling these services can significantly reduce the risk of infection.
  • Stay Updated: Promptly installing the latest iOS updates ensures that known vulnerabilities are patched, closing off avenues for spyware exploitation.
  • Exercise Caution with Links: Avoid clicking on unsolicited links, a common method for delivering spyware through social engineering tactics.
  • Regular Checks: Utilizing tools like MVT (Mobile Verification Toolkit) and Kaspersky’s utilities to analyze backups and sysdiagnose archives can aid in early detection of malware.

By integrating these practices, users can significantly bolster their defenses against the most advanced spyware, reducing the likelihood of successful infiltration and ensuring greater digital security and privacy.

Technological Innovations in Spyware Defense: The Case of DataShielder NFC HSM

As nations grapple with policy measures to regulate the use of commercial spyware, technological innovators like Freemindtronic are stepping up to offer robust defenses for individuals against invasive tools like Pegasus. The DataShielder NFC HSM Defense, equipped with EviCore NFC HSM technology, represents a leap forward in personal cybersecurity, offering a suite of features designed to safeguard data and communications from sophisticated spyware threats.

DataShielder NFC HSM: A Closer Look

DataShielder NFC HSM Defense utilizes contactless encryption and segmented key authentication, securely stored within an NFC HSM, to protect users’ digital lives. This groundbreaking approach ensures that secret keys, the cornerstone of digital security, remain out of reach from spyware, thus maintaining the confidentiality and integrity of sensitive information across various communication protocols.

DataShielder NFC HSM Defense: a solution against spyware

Another technology can help users protect themselves from Pegasus and other spyware. This is DataShielder NFC HSM Defense with EviCore NFC HSM, a solution that effectively fights against applications and spyware such as Pegasus. It is an alternative that secures contactless encryption and segmented key authentication system stored encrypted in NFC HSM. Thus, the secret keys are physically externalized and not accessible to the spyware. DataShielder NFC HSM Defense with EviCypher NFC HSM encrypts all types of sensitive data without ever logging the data unencrypted. The user can encrypt all types of data from his contactless phone in volatile memory, including Email, SMS, MMS, RCS, Chat, all messaging in general, all types of messaging, including satellite, without ever saving his texts unencrypted. DataShielder NFC HSM also works in air gap as well as on all types of NFC, Wifi, Bluetooth, Lan, Wan, Camera communication protocols that it encrypts end-to-end from NFC HSM

DataShielder NFC HSM Defense: additional features

In the Defense version of DataShielder NFC HSM, it integrates EviCall NFC HSM technology, which allows users to physically outsource phone contacts and make calls by automatically erasing the call histories of the phone, including encrypted and unencrypted SMS linked to that call number.

DataShielder NFC HSM also includes Evipass NFC HSM contactless password manager technology. It is therefore compatible with EviCore NFC HSM Browser Extension technology. In particular, it carries out all types of autofill and autologin operations. Thus, DataShielder NFC HSM not only allows you to connect by autofilling the traditional login and password identification fields on the phone, whether through applications or online accounts. But also also and on the types of online accounts (lan and wan), applications, software. DataShielder NFC HSM Defense also includes EviKeyboard BLE technology which also extends the use of keys greater than 256 bit. This virtual Bluetooth keyboard allows you to authenticate on the command line, on all types of home automation, electronic, motherboard bios, TMP2.0 key, which accepts the connection of a keyboard on a USB port. All these operations are end-to-end encrypted from NFC HSM up to more than 50 meters away via Bluetooth encrypted in AES-128.

To encrypt sensitive data from their phone, the user will do it from their secret keys only stored in their NFC HSM. They can also do it from their computer using the NFC HSM. This is possible thanks to the interoperability and backward compatibility of the DataShielder NFC HSM Defense ecosystem, which works independently but is interoperable on all Android computer and telephone systems with NFC technology. For example, users can encrypt files, photos, videos, and audio on their phones without ever exposing them to security breaches on the phone or computer.

This is the EviCypher NFC HSM technology dedicated to the encryption and management of AES 256 and RSA 4096 encryption keys.

Similarly, DataShielder also includes EviOTP NFC HSM technology, also in DataShielder NFC HSM Defense, which secures and manages OTP (TOTP and HOTP) secret keys.

Here are all the links : EviPass NFC HSMEviOTP NFC HSMEviCypher NFC HSMEviCall NFC HSM, EviKeyboard BLE

DataShielder NFC HSM Defense vs Pegasus: a comparison table

Data Pegasus DataShielder NFC HSM Defense
Messages, chats Can read and record them unencrypted Encrypts them end-to-end with keys physically externalized in the NFC HSM
Phone contacts Can access and modify them Externalizes and encrypts them in the NFC HSM
Emails Can intercept and read them Encrypts them with the OpenPGP protocol and signs them with the NFC HSM
Photos Can access and copy them Encrypts them with the NFC HSM and stores them in a secure space
Videos Can watch and record them Encrypts them with the NFC HSM and stores them in a secure space
Encrypted messages scanned from the camera Can decrypt them if he has access to the encryption key Encrypts them with the NFC HSM and does not leave any trace of the encryption key
Conversation histories from contacts stored in the NFC HSM Can access and analyze them Erases them automatically after each call or message
Usernames and passwords Can steal and use them Externalizes and encrypts them in the NFC HSM with EviPass technology
Secret keys of OTP Can compromise and impersonate them Externalizes them physically in the NFC HSM with EviOTP technology

Bridging the Gap Between Technology and Privacy

In an era where spyware like Pegasus poses unprecedented threats to personal privacy and security, solutions like DataShielder NFC HSM Defense emerge as essential tools in the individual’s cybersecurity arsenal. By leveraging such technologies, users can significantly mitigate the risk of spyware infections, reinforcing the sanctity of digital privacy in the face of evolving surveillance tactics.

The level of threat of Pegasus in different cases

The level of threat of Pegasus depends on many factors, such as the type and version of the operating system, the frequency and quality of the updates and patches, the availability and effectiveness of the tools, and the behavior and awareness of the users. It is therefore difficult to measure it precisely or universally, as it may vary according to different scenarios and situations.

However, we can try to give some estimates or ranges of levels, based on assumptions or approximations. For example, we can use a scale from 1 (lowest) to 10 (highest) to indicate how likely it is for a device to be infected by Pegasus in different cases:

Case Level of threat
A device with an outdated operating system that has not been updated for a long time 9/10
A device with an updated operating system that has been patched recently 5/10
A device with an updated operating system that has been patched recently and uses antivirus software 3/10
A device with an updated operating system that has been patched recently and uses antivirus software and VPN software 2/10
A device with an updated operating system that has been patched recently and uses antivirus software, VPN software, and anti-spyware software 1/10
A device with an updated operating system that has been patched recently and uses DataShielder NFC HSM 0/10

Latest affairs related to Pegasus

Since the revelations of Forbidden Stories and Amnesty International in July 2021, several new developments have occurred in relation to Pegasus spying. Here are some of them:

  • October 2023, The former head of the Spanish intelligence services has been charged with spying on the regional president of Catalonia, Pere Aragonès, using the Pegasus software, the Spanish justice announced on Monday. Paz Esteban, who was dismissed last year by the government of Pedro Sánchez after the scandal broke out, has been summoned by the Barcelona judge in charge of the case on December 131. The judge said that the facts reported by the moderate separatist leader have the “characteristics” of “possible criminal offenses such as illegal wiretapping and computer espionage
  • In October 2021, Paz Esteban López, the former head of CNI, was charged with crimes against privacy and misuse of public funds for allegedly ordering the spying on Catalan politicians with Pegasus. She is the first high-ranking official to face legal consequences for using Pegasus in Spain.
  • In September 2021, NSO Group announced that it was temporarily suspending its services to several government clients after being accused of facilitating human rights abuses with Pegasus. The company did not specify which clients were affected by this decision.
  • In August 2021, Apple released an urgent security update for its devices after discovering a zero-click exploit that allowed Pegasus to infect iPhones without any user interaction. The exploit, called FORCEDENTRY, was used by NSO Group to target activists, journalists and lawyers around the world. Apple urged its users to install the update as soon as possible to protect themselves from Pegasus.
  • In July 2021, the French government launched an investigation into the alleged spying on President Emmanuel Macron and other senior officials by Morocco using Pegasus. Morocco denied any involvement in the spying and sued Amnesty International and Forbidden Stories for defamation. France also summoned the Israeli ambassador to Paris to demand explanations about NSO Group’s activities.
  • In July 2021, the Israeli government formed a task force to review the allegations against NSO Group and its export licenses. The task force included representatives from the defense, justice and foreign ministries, as well as from the Mossad and the Shin Bet. The task force was expected to report its findings within a few weeks.

These developments show that Pegasus spying has triggered legal, diplomatic and political reactions in different countries. They also show that Pegasus spying has exposed the vulnerabilities and the challenges of cybersecurity in the digital age.

International Policy Measures Against Spyware Misuse

In a landmark move reflecting growing global concern over the misuse of commercial spyware, the United States announced in February 2024 its decision to impose visa restrictions on individuals involved in the abuse of such technologies. This policy, aimed at curbing the proliferation of weapons-grade commercial spyware like Pegasus, marks a significant stride in international efforts to safeguard against digital espionage threats to national security, privacy, and human rights.

The US Stance on Spyware Regulation

The Biden administration’s policy will potentially impact major US allies, including Israel, India, Jordan, and Hungary, underscoring the administration’s commitment to countering the misuse of spyware. This comes on the heels of earlier measures, such as placing Israel’s NSO Group on a commerce department blacklist and prohibiting the US government’s use of commercial spyware, signaling a robust stance against the unregulated spread of spyware technologies.

Global Implications and Diplomatic Efforts

Secretary of State Antony Blinken’s statement linking the misuse of spyware to severe human rights violations highlights the gravity with which the US views the global spyware issue. The policy introduces a mechanism for enforcing visa restrictions on those believed to be involved in or benefiting from the misuse of spyware, sending a strong message about the US’s intolerance for such practices.

A Step Towards Greater Accountability

By targeting individuals involved in the surveillance, harassment, and intimidation of journalists, activists, and dissenters, the US aims to foster a more accountable and ethical global spyware industry. This visa ban, applicable even to individuals from visa waiver countries, represents an “important signal” about the risks associated with the spyware sector, emphasizing the need for international cooperation in addressing these challenges.

Spyware with multiple detrimental impacts

Pegasus is not only a spyware with a high financial cost for its users, but it also entails, whether it is used legitimately or not, a human, social, political and environmental cost for its victims and society as a whole. It is difficult to precisely quantify the cost of the damages caused by the use of Pegasus due to numerous factors and variables that can vary across countries, sectors and periods. However, we can provide some rough estimates and examples to illustrate the scope and diversity of the impacts of the use of Pegasus.

Financial Cost

The financial cost of the damages inflicted by Pegasus can be measured on several fronts:

  • Cost to Victims: Individuals spied on by Pegasus may suffer direct or indirect financial losses, stemming from breaches of their privacy, disclosure of personal or professional information, manipulation, or theft of their financial or tax-related data. For example, a journalist might lose their job or credibility due to information revealed by Pegasus; a lawyer could lose a lawsuit or a client due to a disclosed strategy, and an activist might lose funding or security due to an exposed campaign.
  • Cost to Businesses: Companies targeted by Pegasus may face direct or indirect financial losses related to intellectual property violation, unfair competition, industrial espionage, corruption, and more. For instance, a business could lose a contract or market share because of exposed bids; its reputation and trustworthiness could suffer due to a Pegasus-related scandal, and its competitiveness and profitability could diminish from a compromised trade secret.
  • Cost to States: Nations subject to Pegasus espionage may experience direct or indirect financial losses tied to sovereignty violations, threats to national security, interference in domestic and foreign affairs, among others. An example includes a country’s stability or legitimacy being jeopardized due to a Pegasus-facilitated coup; a nation losing influence or alliances because of negotiations undermined by Pegasus; or a state’s development or environment suffering from a Pegasus-sabotaged project.

Geopolitical Cost

The geopolitical cost of Pegasus-induced damages can be measured on various fronts:

  • Cost to International Relations: The use of Pegasus by some states to spy on others can lead to diplomatic tensions, armed conflicts, economic sanctions, and cooperation ruptures. For example, the espionage of French President Emmanuel Macron by Morocco triggered a crisis between the two nations; spying on Indian Prime Minister Narendra Modi by China escalated their border dispute, and Israeli espionage of Iranian President Hassan Rouhani compromised the nuclear agreement between the two countries.
  • Cost to International Organizations: Pegasus’ deployment by certain states to spy on international organizations can result in violations of international law, human rights abuses, and hindrances to multilateralism. For instance, spying on UN Secretary-General Antonio Guterres by the United States undermined the organization’s independence and impartiality. Similarly, espionage targeting the International Criminal Court by Israel threatened international justice and peace, while spying on the World Health Organization by China disrupted pandemic management.

Economic Cost

The economic cost of the damages caused by Pegasus can be assessed across different dimensions:

  • Cost to Economic Growth: The use of Pegasus by certain states or private actors to spy on other states or private actors can lead to market distortions, productivity losses, capital flight, and offshoring. For example, the espionage targeting the airline company Emirates by Qatar reduced its competitiveness and profitability. Similarly, spying on the oil company Petrobras by the United States triggered an economic and political crisis in Brazil. Additionally, spying on Mexico’s central bank by Venezuela facilitated money laundering and terrorism financing.
  • Cost to Innovation: The utilization of Pegasus by certain states or private actors to spy on other states or private actors can result in patent theft, counterfeiting, hacking, and cyberattacks. For instance, spying on pharmaceutical company Pfizer by China allowed the latter to replicate its COVID-19 vaccine. Simultaneously, espionage against technology giant Apple by North Korea enabled the creation of its smartphone. Furthermore, spying on space company SpaceX by Russia allowed the latter to sabotage its launches.

Human, Social, and Environmental Cost

The human, social, and environmental cost of Pegasus-induced damages can be measured across several aspects:

  • Cost to Human Rights: The use of Pegasus by certain states or private actors to spy on vulnerable individuals or groups can result in violations of the right to life, freedom, security, dignity, and more. For example, the spying on journalist Jamal Khashoggi by Saudi Arabia led to his assassination. Similarly, espionage targeting activist Edward Snowden by the United States led to his exile. Additionally, the espionage of dissident Alexei Navalny by Russia resulted in his poisoning.
  • Cost to Democracy: The deployment of Pegasus by certain states or private actors to spy on political or social actors can lead to infringements on pluralism, transparency, participation, representativeness, and more. For instance, spying on French President Emmanuel Macron by Russia attempted to influence the 2017 French presidential election. Similarly, spying on the Yellow Vest movement by Morocco aimed to weaken the French social movement in 2018. Additionally, espionage against President Joe Biden by Iran sought to infiltrate his transition team in 2020.
  • Cost to the Environment: The use of Pegasus by certain states or private actors to spy on organizations or individuals committed to environmental protection can result in damage to biodiversity, climate, natural resources, and more. For example, spying on Greenpeace by Japan hindered its efforts against whale hunting. Similarly, espionage against the WWF by Brazil facilitated deforestation in the Amazon. Additionally, the spying on climate activist Greta Thunberg by Russia aimed to discredit her climate movement.
  • Cost to Intangibles: The use of Pegasus by certain states or private actors to spy on individuals or groups with symbolic, cultural, moral, or spiritual value can result in losses of meaning, trust, hope, or faith. For instance, espionage against Pope Francis by Turkey undermined his moral and religious authority. Similarly, spying on the Dalai Lama by China compromised his spiritual and political status. Additionally, the espionage of Nelson Mandela by South Africa tarnished his historical and humanitarian legacy.

The Risk of Diplomatic Conflict Arising from Pegasus

The utilization of Pegasus by some states to spy on others can give rise to the risk of diplomatic conflict, which can have severe consequences for international peace and security. The likelihood of diplomatic conflict depends on several factors, including:

  • Intensity and Duration of Espionage: The more extensive and prolonged the espionage, the more likely it is to provoke a strong and lasting reaction from the spied-upon state.
  • Nature and Status of Targets: More important and sensitive targets are more likely to trigger a strong and immediate reaction from the spied-upon state. For instance, spying on a head of state or a minister is more serious than spying on a bureaucrat or diplomat.
  • Relationship and Context Between States: States with tense or conflictual relationships are more likely to provoke a strong and hostile reaction from the spied-upon state. For instance, espionage between rival or enemy states is more serious than espionage between allied or neutral states.

The risk of diplomatic conflict can manifest at various levels:

  • Bilateral Level: This is the most direct and frequent level, where two states clash due to espionage. Possible reactions include official protests, summoning or expelling an ambassador, breaking or freezing diplomatic relations, etc.
  • Regional Level: This level involves a state seeking support from its neighbors or regional partners to bolster its position or condemn the espionage. Possible reactions include joint declarations, collective resolutions, economic or political sanctions, etc.
  • International Level: At this level, a state calls upon international organizations or global actors to support its position or condemn the espionage. Possible reactions include referring the matter to an international court, resolutions by the UN Security Council, humanitarian or military sanctions, etc.

The risk of diplomatic conflict can have various consequences:

  • Political Consequences: It can lead to a deterioration or rupture of relations between the involved states, a loss of credibility or legitimacy on the international stage, internal political instability or crisis, etc.
  • Economic Consequences: It can result in reduced or suspended trade between the involved states, a loss of competitiveness or growth, capital flight or frozen investments, etc.
  • Social Consequences: It can lead to increased or exacerbated tensions or violence among the populations of the involved states, a loss of trust or solidarity, a rise or reinforcement of nationalism or extremism, etc.

Conclusion: Navigating the Pegasus Quagmire with Innovative Defenses

The saga of Pegasus spyware unveils a complex tableau of financial, human, social, political, and environmental ramifications. Pinpointing the exact toll it takes presents a formidable challenge, given the myriad of factors at play. Throughout this article, we’ve endeavored to shed light on the extensive impacts, offering insights and quantifications to bring clarity to this global concern.

Moreover, Pegasus not only incurs a direct cost but also sows the seeds of potential diplomatic strife, pitting states against each other in an invisible battlefield. The severity of these confrontations hinges on the espionage’s scope, the targets’ sensitivity, and the intricate web of international relations. Such conflicts, manifesting across various levels, can significantly strain political ties, disrupt economies, and fracture societies.

In this digital quagmire, the innovative counter-espionage technologies developed by Freemindtronic emerge as a beacon of hope. They offer a testament to the power of leveraging cutting-edge solutions to fortify our digital defenses against the invasive reach of spyware like Pegasus. By integrating such advanced protective measures, individuals and organizations can significantly enhance their cybersecurity posture, safeguarding their most sensitive data and communications in an increasingly surveilled world.

This piece aims to illuminate the shadowy dynamics of Pegasus spyware, drawing back the curtain on its profound implications. For those keen to explore further, we invite you to consult the sources listed below. They serve as gateways to a deeper understanding of Pegasus’s pervasive influence, the ongoing efforts to counteract its invasive reach, and the pivotal role of technologies like those from Freemindtronic in these endeavors.

In a world where digital surveillance perpetually evolves, staying informed, vigilant, and equipped with the latest in counter-espionage technology is paramount. As we navigate these challenges, let us engage in ongoing dialogue, advocate for stringent regulatory measures, and champion the development of robust cybersecurity defenses. Together, we can confront the challenges posed by Pegasus and similar technologies, safeguarding our collective privacy, security, and democratic values in the digital age.

Sources

In crafting this article, we have drawn upon a selection of reputable and verified web sources. Our sources are chosen for their commitment to presenting facts objectively and respecting the presumption of innocence.

This article has been meticulously crafted, drawing upon a diverse array of reputable and verified web sources. These sources have been selected for their unwavering commitment to factual accuracy, objective presentation, and respect for the presumption of innocence. Our investigation delves deep into the complex web of surveillance technology, focusing on the notorious Pegasus spyware developed by NSO Group and the global efforts to detect, regulate, and mitigate its invasive reach. The article sheds light on groundbreaking detection methods, international policy measures against spyware misuse, and the pressing need for enhanced cybersecurity practices.

We analyzed many sources including:

In summary

Additional references from a range of international publications provide further insights into the deployment, implications, and countermeasures associated with Pegasus spyware across various countries, including Saudi Arabia, Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Hungary, India, and the United Arab Emirates. These articles collectively highlight the global challenge posed by Pegasus, the evolving landscape of digital espionage, and the concerted efforts required to safeguard privacy and security in the digital age.

Estimating the Global Reach and Financial Implications of Pegasus Spyware

The deployment of Pegasus spyware across various nations reveals not only the extensive reach of NSO Group’s surveillance tool but also underscores the significant financial and ethical costs associated with its use. The following insights, derived from reputable news sources, offer a glimpse into the scale of Pegasus’s deployment worldwide and its impact on targeted countries:

  1. According to the French Le Monde, Saudi Arabia targeted about 15,000 phone numbers with Pegasus. The cost of one license can be as high as Rs 70 lakh. With one license, multiple smartphones can be tracked. As per past estimates of 2016, for spying on just 10 people using Pegasus, NSO Group charges a minimum of around Rs 9 crore.
  2. The American The Washington Post reported that Saudi Arabia started using Pegasus in 2018. The FBI also confirmed that it obtained NSO Group’s powerful Pegasus spyware in 2019, suggesting that it bought access to the Israeli surveillance tool to “stay abreast of emerging technologies and tradecraft”.
  3. The British The Guardian stated that Azerbaijan aimed at about 5,000 phone numbers with Pegasus. The country is among the 10 governments that have been the most aggressive in deploying the spyware against their own citizens and those of other countries.
  4. As per the American The Washington Post, Azerbaijan began using Pegasus in 2019. The country has been accused of using the spyware to target journalists, activists, and opposition figures, as well as foreign diplomats and politicians.
  5. In the case reported by the French Le Monde, Bahrain focused on about 3,000 phone numbers with Pegasus. The country has been using the spyware since 2020 to target dissidents, human rights defenders, and members of the royal family.
  6. Mentioned in the American The Washington Post, Bahrain initiated Pegasus use in 2020. The country is one of the NSO Group’s oldest customers, having signed a contract with the company in 2016.
  7. As disclosed by the British The Guardian, Kazakhstan directed attention towards approximately 1,500 phone numbers with Pegasus. The country has been using the spyware since 2021 to target journalists, activists, and opposition figures, as well as foreign diplomats and politicians.
  8. According to the American The Washington Post, Kazakhstan commenced Pegasus usage in 2021. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2020.
  9. According to claims made by the Mexican Aristegui Noticias, Mexico targeted about 15,000 phone numbers with Pegasus. The country is the largest known client of NSO Group, having spent at least $61m on the spyware between 2011 and 2017.
  10. As reported by the American The Washington Post, Mexico began Pegasus use in 2020. The country has been using the spyware to target journalists, activists, lawyers, and politicians, as well as the relatives of the 43 students who disappeared in 2014.
  11. As detailed in the French Le Monde, Morocco focused on about 10,000 phone numbers with Pegasus. The country is one of the most prolific users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as foreign heads of state and government.
  12. Confirmed by the Canadian organization Citizen Lab, Morocco initiated Pegasus usage in 2016. The country is one of the oldest customers of NSO Group, having signed a contract with the company in 2014.
  13. According to findings reported by the British The Guardian, Rwanda honed in on around 3,500 phone numbers with Pegasus. The country has been using the spyware to target dissidents, journalists, and human rights defenders, as well as foreign critics and rivals.
  14. As indicated by the American The Washington Post, Rwanda started Pegasus usage in 2019. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2018.
  15. In the report from the French Le Monde, Hungary aimed at about 300 phone numbers with Pegasus. The country is the only EU member state known to have used the spyware, having targeted journalists, activists, lawyers, and opposition figures.
  16. As conveyed by the Hungarian Direkt36, Hungary initiated Pegasus use in 2018. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2017.
  17. As outlined in the Indian The Wire, India directed attention towards approximately 1,000 phone numbers with Pegasus. The country is one of the largest users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as the leader of the main opposition party.
  18. According to the British The Guardian, India began Pegasus use in 2019. The country is one of the newest customers of NSO Group, having signed a contract with the company in 2018.
  19. According to the information provided by the French Le Monde, the United Arab Emirates honed in on around 10,000 phone numbers with Pegasus. The country is one of the most aggressive users of the spyware, having targeted journalists, activists, lawyers, and politicians, as well as foreign heads of state and government.
  20. Confirmed by the Canadian organization Citizen Lab, the United Arab Emirates started Pegasus usage in 2016. The country is one of the oldest customers of NSO Group, having signed a contract with the company in 2013.
  21. According to the European Parliament recommendation of 15 June 2023, the EU and its Member States have been affected by the use of Pegasus and equivalent surveillance spyware, which constitutes a serious threat to the rule of law, democracy, human rights and fundamental freedoms. The recommendation calls for a global moratorium on the sale and use of such technologies until robust safeguards are established.
  22. According to the article by Malwarebytes, Pegasus spyware and how it exploited a WebP vulnerability, the spyware exploited a vulnerability in the WebP image format, which allows for lossless compression and restoration of pixels. The article explains how the attackers created specially crafted image files that caused a buffer overflow in the libwebp library, used by several programs and browsers to support the WebP format.
  23. According to the article by ZDNet, ‘Lawful intercept’ Pegasus spyware found deployed in 45 countries, the spyware has been used by government agencies across the world to conduct cross-border surveillance, violating international law and human rights. The article cites a report by Citizen Lab, which identified 45 countries where Pegasus operators may be conducting surveillance operations.
  24. According to the article by The Guardian, Experts warn of new spyware threat targeting journalists and political opponents, a new spyware with hacking capabilities comparable to Pegasus has emerged, developed by an Israeli company called Candiru. The article cites a report by Citizen Lab, which found evidence that the spyware has been used to target journalists, political opposition figures and an employee of an NGO.
Articles, Digital Security

Chinese hackers Cisco routers: how to protect yourself?

Posted on by FMTAD
Hackers Chinois Cisco Routers
04
Oct
Chinese hackers Cisco routers by Jacques Gascuel: This article will be updated with any new information on the topic.

Hackers Chinois Cisco Routers

Hackers of Chinese origin modify the firmware of Cisco routers to break into corporate networks. Discover how Freemindtronic offers you efficient and secure encryption solutions.

How Chinese hackers infiltrate corporate networks via Cisco routers

A Chinese-backed hacker group, known as BlackTech, has managed to compromise corporate networks around the world by exploiting vulnerabilities in Cisco routers. The hackers have modified the firmware of the routers to install backdoors that allow them to access sensitive data, redirect traffic to malicious servers and hide their tracks.

How does BlackTech operate?

According to a joint report by several cybersecurity and law enforcement agencies in the US and Japan, including the FBI, the NSA and the NISC, BlackTech has been active since at least 2010 and targets mainly sectors such as administration, industry, technology, media, telecommunications and defense. The group first attacks the international subsidiaries of the companies before moving up to the headquarters in the US and Japan.

To get into the networks, BlackTech uses custom malware, dual-use tools and masking tactics, such as disabling logging on the routers, to avoid being detected.

The key point of the attack is the modification of the firmware of the Cisco routers, the embedded software that controls the operation of the devices. BlackTech replaces the official firmware with a corrupted version that contains a backdoor. This backdoor allows the hackers to connect to the router at any time, change its configuration, execute commands and redirect traffic to their servers.

What are the risks and consequences of the attack of the Chinese hackers Cisco routers who use malicious firmware?

The attack by BlackTech poses a serious threat to the security of the targeted companies and organizations. Indeed, the hackers can access confidential information, such as trade secrets, personal data or strategic documents. They can also disrupt the operation of the networks, by causing outages, slowdowns or errors. Finally, they can use the compromised networks as relays to launch other attacks or to spread malware.

The report by the cybersecurity and law enforcement agencies recommends the companies to check the integrity of their Cisco routers, update their firmware, strengthen their security measures and monitor their network traffic. The report also suggests adopting a zero trust security model, which consists of trusting no element of the network and systematically verifying the identity and permissions of the users and devices.

What are the motivations and objectives of BlackTech?

BlackTech is considered as a cyberespionage group backed by China. Its motivations and objectives are therefore probably related to the political, economic and military interests of Beijing. The group seeks to collect information useful for China, to weaken its competitors and adversaries, and to strengthen its influence and power in the world.

BlackTech is not the only Chinese hacker group to target corporate networks. Other groups, such as APT10, APT41 or Winnti, have been identified by cybersecurity experts as actors of cyberespionage on behalf of China. These groups use various techniques, such as phishing, certificate theft or software vulnerabilities, to infiltrate the networks and steal data.

China denies any involvement in these cyberespionage activities and accuses the US of conducting cyberattacks against it. The tensions between the two countries are high on the diplomatic, trade and technological fronts. Cyberwar is one of the strategic challenges of the 21st century.

What are the vulnerabilities exploited by BlackTech?

The report by the cybersecurity and law enforcement agencies does not specify which are the exact vulnerabilities exploited by BlackTech to modify the firmware of the Cisco routers. However, there are several known flaws that affect the routers of the American brand and that could be used by the hackers.

For example, in 2019, Cisco published a security bulletin to warn its customers of a critical vulnerability in the Secure Boot protocol of some of its routers. This vulnerability, named Thrangrycat, allows an attacker with physical or logical access to the router to modify the firmware and install persistent malicious code.

In 2020, Cisco also revealed the existence of a vulnerability in the SNMP (Simple Network Management Protocol) network management protocol of some of its routers. This vulnerability, named CDPwn, allows an attacker located on the same local network as the router to send malformed packets and cause remote code execution.

Another recent example, chinese hackers Cisco routers exploit F5 BIG-IP vulnerability A state-backed hacking group from China, known as BlackTech (September 2023), modifies the firmware of Cisco routers (not directly affected by the vulnerability) to gain access to the networks of US and Japanese companies. The hackers exploit a critical vulnerability (CVE-2022-1388) in F5 BIG-IP devices that allows them to execute arbitrary commands and install a backdoor. Cisco has released a security alert for its customers who use F5 BIG-IP devices in their infrastructure and recommends them to follow the instructions of F5 to apply the patch or the mitigation measures (Cisco Security Advisory). F5 has released a patch for this vulnerability (K23605346) for all affected versions, except 12.1.x and 11.6.x versions, which are end of life. Users and administrators are urged to apply the patch as soon as possible to prevent malicious cyber operations.

These two examples show that Cisco routers are not immune to security flaws that can be exploited by malicious hackers. It is therefore essential for companies to stay informed of security updates and apply them quickly to protect their networks.

The global attack of the Chinese hackers Cisco routers: what is its scope and impact?

It is difficult to assess the scope and impact of this attack at the global level, as the victims are not always aware or willing to reveal that they have been compromised. Nevertheless, it is possible to rely on some clues to get an idea.

According to the report by the cybersecurity and law enforcement agencies, BlackTech has targeted companies and organizations located in several countries, including the US, Japan, Hong Kong, Taiwan, Australia, Germany, France, Italy, Spain, Switzerland, Sweden, Norway, Finland, Belgium, Austria, Czech Republic, Poland, Romania, Slovakia, Hungary, Bulgaria, Greece, Turkey, Israel, India, South Korea, Thailand, Malaysia, Indonesia, Vietnam, Philippines, Brazil, Mexico, Chile, Colombia, Argentina, South Africa, Egypt, Morocco, Algeria, Tunisia, Saudi Arabia, United Arab Emirates, Qatar, Kuwait, Iran, Iraq, Syria, Lebanon, Jordan, Palestine, Pakistan, Bangladesh, Nepal, Sri Lanka, Cambodia, Laos, Myanmar, Singapore, New Zealand, Canada and the UK.

This shows that BlackTech has a global reach and can potentially affect thousands of companies and organizations in various fields. The impact of this attack can be considerable, both economically and security-wise. The hackers can steal strategic information, disrupt essential services, compromise critical infrastructures, harm the reputation of the victims, cause financial damage, or facilitate other forms of cybercrime, such as ransomware, identity theft, fraud, espionage or sabotage.

According to a study by the consulting firm Accenture, the average cost of a cyberattack for a company is 13 million dollars, an increase of 72% since 2014. The study also estimates that cyberattacks have a negative impact on customer trust, employee retention, product and service quality, and operational performance of companies.

Moreover, according to a report by the Center for Strategic and International Studies (CSIS) and the company McAfee, the global cost of cybercrime for the world economy is 600 billion dollars per year, or 0.8% of the global gross domestic product (GDP). The report highlights that cybercrime affects not only companies, but also governments, citizens, non-governmental organizations, and international institutions.

How to protect yourself with Freemindtronic’s technologies?

Among the solutions available on the market to protect against attacks by BlackTech or other hacker groups are innovative products developed by the Andorran company Freemindtronic, which use its NFC HSM and HSM OpenPGP technologies to secure sensitive data and encryption keys. These products are:

  • EviCore NFC HSM, which turns your smartphone, tablet or computer into a hardware security module (HSM) compatible with the OpenPGP standard. It allows you to store, manage and use your encryption keys and secrets with ease and confidentiality, without using a specific secure storage device.
  • EviCore HSM OpenPGP, which turns your smartphone, tablet or computer into a hardware security module (HSM) compatible with the OpenPGP standard. It allows you to store, manage and use your encryption keys and secrets with ease and confidentiality, without using a specific secure storage device. EviCore HSM OpenPGP is an innovation by Freemindtronic that received the Fortress 2023 award for the best encryption solution.
  • EviPass NFC HSM, which allows you to manage your passwords and identifiers in a secure and convenient way. It uses NFC technology to communicate with your smartphone, tablet or computer, and to authenticate you on websites and applications without having to enter or remember your passwords.
  • EviOTP NFC HSM, which allows you to generate one-time passwords (OTP) to enhance the security of your online accounts. It uses NFC technology to communicate with your smartphone, tablet or computer, and to provide you with a 6-digit code whenever you need it.
  • EviCypher NFC HSM, which allows you to encrypt and decrypt your sensitive data with a high level of security. It uses NFC technology to communicate with your smartphone, tablet or computer, and to allow you to encrypt and decrypt your files, messages, emails or notes with a simple gesture.

These technologies can have several benefits for businesses that face the attacks of BlackTech or other hacker groups, by offering enhanced protection of data and encryption keys, as well as strong and convenient authentication. They can also reduce the risks of loss, theft or corruption of data, by using resistant and reliable devices.

Update Cisco Router 2023 clic here

Articles, Cyberculture, NFC HSM technology, Technical News

RSA Encryption: How the Marvin Attack Exposes a 25-Year-Old Flaw

Posted on by FMTAD
NFC HSM Devices and RSA 4096 encryption a new standard for cryptographic security serverless databaseless without database by EviCore NFC HSM from Freemindtronic Andorra
03
Oct
Marvin attack RSA algorithm & NFC HSM RSA-4096 by Jacques Gascuel: This article will be updated with any new information on the topic.

Decrypting Marvin’s Assault on RSA Encryption!

Simply explore the complex area of ​​RSA encryption and discover strategies to repel Marvin’s attack. This article examines the intricacies of RSA 4096 encryption, ensuring your cryptographic keys and secrets are protected. Discover an innovative NFC HSM RSA 4096 NFC encryption protocol, serverless and databaseless.

How the RSA Encryption – Marvin Attack Reveals a 25-Year-Old Flaw and How to Protect Your Secrets with the NFC HSM Devices

RSA encryptionRSA encryption is one of the most widely used encryption algorithms in the world, but it is not flawless. In fact, a vulnerability of RSA encryption, known as the Marvin attack, has existed for over 25 years and could allow an attacker to recover the private key of a user from their public key. This flaw, which exploits a mathematical property of RSA encryption, was discovered in 1998 by the cryptographer Daniel Bleichenbacher, but it was never fixed or disclosed to the public. In the first part of this article, we will explain in detail how the Marvin attack works and what it means for the security of RSA encryption.

Moreover, NFC HSM and RSA 4096 represent a new dimension in cryptographic security. These technologies allow you to protect and use your cryptographic keys and secrets within a contactless device that communicates with your smartphone through NFC (Near Field Communication). The main advantage they offer is the formidable defense against cyberattacks, achieved by implementing state-of-the-art encryption algorithms and strong security protocols. You can discover more about the very simple functioning of NFC HSM devices for RSA 4096 encryption, as well as their multiple benefits, by reading until the end of this article. Moreover, we will highlight how Freemindtronic used the extreme level of safety of an NFC HSM device to establish, without contact and only on demand, a virtual communication tunnel encrypted in RSA-4096 without a server, without a database, from an NFC HSM device.

The Marvin Attack: Unveiling a 25-Year-Old RSA Flaw

Understanding the Marvin Attack

The Marvin attack targets the RSA algorithm, a foundational asymmetric encryption technique characterized by the use of two distinct keys: a public key and a private key. The public key serves to encrypt data, while the private key is responsible for decryption. These keys mathematically intertwine, yet revealing one from the other presents an exceedingly challenging task.

Named after Marvin the Paranoid Android from “The Hitchhiker’s Guide to the Galaxy,” this attack exploits a vulnerability in the RSA algorithm discovered by Swiss cryptographer Daniel Bleichenbacher in 1998. The vulnerability relates to the padding scheme that the RSA algorithm uses to introduce random bits into the data before encryption. The padding scheme has a design. It makes the encrypted data look random. It also thwarts attacks based on statistics. However, Bleichenbacher showed his ingenuity. He sent special messages to a server. The server used RSA encryption. By doing so, he could learn about the padding scheme. He could also recover the private key.

Implications of the Marvin Attack

The Marvin attack has profound implications for the security and confidentiality of your secrets. If an attacker successfully retrieves your private key, they gain unfettered access to decrypt all your encrypted data and compromise your confidential information. Furthermore, they can impersonate you by signing messages or executing transactions on your behalf.

The Marvin attack isn’t limited to a single domain; it can impact any system or application that uses RSA encryption with a vulnerable padding scheme. This encompasses web servers that employ HTTPS, email servers that use S/MIME, and blockchain platforms that rely on digital signatures.

Notably, NFC HSM devices that use RSA encryption for secret sharing are vulnerable to the Marvin attack. NFC HSM, short for Near Field Communication Hardware Security Module, is a technology facilitating the storage and utilization of cryptographic keys and secrets within contactless devices such as cards, stickers, or keychains. These devices communicate with smartphones via NFC, a wireless technology enabling short-range data exchange between compatible devices.

If an attacker intercepts communication between your NFC HSM device and smartphone, they may try a Marvin attack on your device, potentially recovering your private key. Subsequently, they could decrypt secrets stored within your device or gain access to your online accounts and services.

The Common Factor Attack in RSA Encryption

Understanding the Common Factor Attack

In the realm of RSA encryption, attackers actively exploit a vulnerability known as the Common Factor Attack. Here’s a concise breakdown:

1. Identifying Shared Factors

  • In RSA encryption, public keys (e, n) and private keys (d, n) play pivotal roles.
  • Attackers meticulously seek out common factors within two public keys, exemplified by (e1, n1) and (e2, n2).
  • Upon discovering a shared factor, their mission gains momentum.

2. Disclosing the Missing Factor

  • Once a common factor ‘p’ surfaces, uncovering its counterpart ‘q’ becomes relatively straightforward.
  • This is achieved through the simple act of dividing one key’s module by ‘p’.

3. Attaining Private Keys

  • Empowered with ‘p’ and ‘q,’ attackers adeptly compute private keys like ‘d1’ and ‘d2.’
  • This mathematical process involves modular inverses, bestowing them with access to encrypted content.

4. Decrypting Messages with Precision

  • Armed with private keys ‘d1’ and ‘d2,’ attackers skillfully decrypt messages initially secured by these keys.
  • Employing the formula ‘m = c^d mod n,’ they meticulously unlock the concealed content.

This simplified overview sheds light on the Common Factor Attack in RSA encryption. For a more comprehensive understanding, delve into further details here

Safeguarding Against the Marvin Attack

To fortify your defenses against the Marvin attack, it is imperative to employ an updated version of the RSA algorithm featuring a secure padding scheme. Secure padding ensures that no information about the encrypted data or private key is leaked. For example, you can adopt the Optimal Asymmetric Encryption Padding (OAEP) scheme, a standard endorsed by RSA Laboratories.

Additionally, utilizing a reliable and secure random number generator for generating RSA keys is essential. A robust random number generator produces unpredictable and difficult-to-guess random numbers, a critical element for the security of any encryption algorithm, as it guarantees the uniqueness and unpredictability of keys.

The Marvin attack, though a 25-year-old RSA flaw, remains a persistent threat capable of compromising the security of RSA-encrypted data and communications. Vigilance and adherence to cryptographic best practices are essential for shielding against this menace.

Choosing a trusted and certified provider of NFC HSM devices and RSA encryption services is equally pivotal. A reputable provider adheres to industry-leading security and quality standards. Freemindtronic, a company based in Andorra, specializes in NFC security solutions and has developed a plethora of technologies and patents grounded in NFC HSM devices and RSA 4096 encryption. These innovations offer a spectrum of advanced features and benefits across diverse applications.

In the following section, we will delve into why Freemindtronic has chosen to utilize RSA 4096 encryption in the context of the Marvin attack. Additionally, we will explore how Freemindtronic secures secret sharing among NFC HSM devices, elucidate the concept of NFC HSM devices, and unveil the advantages and benefits of the technologies and patents pioneered by Freemindtronic.

How Does RSA 4096 Work?

RSA 4096 is built upon the foundation of asymmetric encryption, employing two distinct keys: a public key and a private key. The public key can be freely disseminated, while the private key must remain confidential. These keys share a mathematical relationship, but uncovering one from the other poses an exceptionally daunting challenge.

RSA 4096 hinges on the RSA algorithm, relying on the formidable complexity of factoring a large composite number into the product of two prime numbers. RSA 4096 employs prime numbers of 4096 bits in size, rendering factorization virtually impossible with current computational capabilities.

RSA 4096 facilitates four primary operations:

  1. Encryption: Transforming plaintext messages into encrypted messages using the recipient’s public key. Only the recipient can decrypt the message using their private key.
  2. Decryption: Retrieving plaintext messages from encrypted ones using the recipient’s private key. Only the recipient can perform this decryption.
  3. Signature: Adding an authentication element to plaintext messages using the sender’s private key. The recipient can verify the signature using the sender’s public key.
  4. Signature Verification: Validating the authenticity of plaintext messages and their sender using the sender’s public key.

In essence, RSA 4096 ensures confidentiality, integrity, and non-repudiation of exchanged messages.

But how can you choose and utilize secure RSA keys? Are there innovative solutions available to bolster the protection of cryptographic secrets? This is the focal point of our next section, where we will explore the technologies and patents developed by Freemindtronic for RSA 4096 secret sharing among NFC HSM devices.

Technologies and Patents Developed by Freemindtronic for RSA 4096 Secret Sharing among NFC HSM Devices

Freemindtronic employs RSA 4096 to secure the sharing of secrets among NFC HSM devices, driven by a commitment to robust security and trust. RSA 4096 stands resilient against factorization attacks, the most prevalent threats to RSA encryption. It upholds the confidentiality, integrity, and non-repudiation of shared secrets.

Freemindtronic is acutely aware of the potential vulnerabilities posed by the Marvin attack. This attack can compromise RSA if the prime numbers used to generate the public key are too close in proximity. Therefore, Freemindtronic diligently adheres to cryptographic best practices when generating robust and random RSA keys. This involves using large prime numbers, usually larger than 2048 bits, and employing a dependable and secure random number generator Freemindtronic regularly validates the strength of RSA keys through online tools or other means and promptly replaces keys suspected of weakness or compromise.

In summary, Freemindtronic’s selection of RSA 4096 is informed by its robustness. This choice is complemented by unwavering adherence to cryptographic best practices. The incorporation of the EVI protocol bolsters security, ensuring the imperviousness of secrets shared among NFC HSM devices. This will be further elucidated in the following sections

Why Freemindtronic Utilizes RSA 4096 Against the Marvin Attack

Freemindtronic’s choice to utilize RSA 4096 for securing secret sharing among NFC HSM devices is grounded in its status as an asymmetric encryption algorithm renowned for delivering a high level of security and trust. RSA 4096 effectively resists factorization attacks, which are among the most prevalent threats against RSA encryption. It guarantees the confidentiality, integrity, and non-repudiation of shared secrets.

To address the potential consequences of the Marvin attack, Freemindtronic meticulously follows cryptographic best practices when generating strong and random RSA keys. The company employs prime numbers of substantial size, typically exceeding 2048 bits, in conjunction with a reliable and secure random number generator. Freemindtronic vigilantly validates the strength of RSA keys and promptly replaces them if any suspicions of weakness or compromise arise.

Moreover, Freemindtronic harnesses the power of the EVI (Encrypted Virtual Interface) protocol, which enhances RSA 4096’s security profile. EVI facilitates the exchange of RSA 4096 public keys among NFC HSM devices, introducing a wealth of security measures, including encryption, authentication, anti-cloning, anti-replay, anti-counterfeiting, and the use of a black box. EVI also enables the transmission of secrets encrypted with the recipient’s RSA 4096 public key, using the same mechanism.

In summary, Freemindtronic’s selection of RSA 4096 is informed by its robustness, complemented by unwavering adherence to cryptographic best practices. The incorporation of the EVI protocol bolsters security, ensuring the imperviousness of secrets shared among NFC HSM devices. This will be further elucidated in the following sections.

How Freemindtronic Utilizes RSA 4096 to Secure Secret Sharing Among NFC HSM Devices

Freemindtronic leverages RSA 4096 to fortify the security of secret sharing among NFC HSM devices, following a meticulously orchestrated sequence of steps:

  1. Key Generation: RSA 4096 key pairs are generated on each NFC HSM device, utilizing a dependable and secure random number generator.
  2. Public Key Exchange: The RSA 4096 public keys are exchanged between the two NFC HSM devices using the EVI (Encrypted Virtual Interface) protocol. EVI introduces multiple layers of security, including encryption, authentication, anti-cloning, anti-replay, anti-counterfeiting measures, and the use of a black box.
  3. Secret Encryption: The secret is encrypted using the recipient’s RSA 4096 public key, employing a hybrid encryption algorithm that combines RSA and AES.
  4. Secure Transmission: The encrypted secret is transmitted to the recipient, facilitated by the EVI protocol.
  5. Secret Decryption: The recipient decrypts the secret using their RSA 4096 private key, employing the same hybrid encryption algorithm.

Through this meticulous process, Freemindtronic ensures the confidentiality, integrity, and non-repudiation of secrets exchanged between NFC HSM devices. This robust approach thwarts attackers from reading, altering, or falsifying information protected by RSA 4096.

But what exactly is an NFC HSM device, and what communication methods exist for secret sharing among these devices? What are the advantages and benefits offered by the technologies and patents pioneered by Freemindtronic? These questions will be addressed in the subsequent sections.

What Is an NFC HSM Device?

An NFC HSM (Near Field Communication Hardware Security Module) is a specialized hardware security module that communicates wirelessly with an Android smartphone via NFC (Near Field Communication) technology. These devices come in the form of cards, stickers, or keychains and operate without the need for batteries. They feature EEPROM memory capable of storing up to 64 KB of data.

NFC HSM devices are designed to securely store and utilize cryptographic keys and secrets in an isolated and secure environment. They shield data from cloning, replay attacks, counterfeiting, or extraction and include an access control system based on segmented keys.

One prime example of an NFC HSM device is the EviCypher NFC HSM developed by Freemindtronic. This technology allows for the storage and utilization of cryptographic keys and secrets within a contactless device, such as a card, sticker, or keychain. EviCypher NFC HSM offers a range of features, including offline isolation, seamless integration with other technologies, and enhancements to the user experience. With its robust security measures and innovative features, EviCypher NFC HSM sets a new standard for secure communication and secret management in the digital realm.

Resistance Against Brute Force Attacks on NFC HSM

The RSA 4096 private key is encrypted with AES 256. Therefore, the user cannot extract it from the EEPROM memory. The NFC HSM has this memory. It also has other secrets in this memory. This memory is non-volatile. As a result, it can last up to 40 years without power. Consequently, any invasive or non-invasive brute force attack on NFC HSM is destined for failure. This is due to the fact that secrets, including the RSA private key, are automatically encrypted in the EEPROM memory of the NFC HSM using AES-256 with segmented keys of physical origin, some of which are externalized from the NFC HSM.

Real-Time Secret Sharing with EviCore NFC HSM

An intriguing facet of EviCore NFC HSM technology is its ability to facilitate real-time secret sharing without the need for a remote server or database. EviCore NFC HSM accomplishes this by encrypting secrets with the recipient’s randomly generated RSA 4096 public key directly on their NFC HSM device. This innovative approach to secret sharing eliminates the necessity for a trusted third party. Furthermore, EviCore NFC HSM executes these operations entirely in the volatile (RAM) memory of the phone, leaving no traces of plaintext secrets in the computer, communication, or information systems. As a result, it renders remote or proximity attacks, including invasive or non-invasive brute force attacks, exceedingly complex, if not physically impossible. Our EviCore NFC HSM technology is an Android application designed for NFC-enabled phones, functioning seamlessly with our NFC HSM devices. This application serves as both firmware and middleware, constituting an embedded system, offering optimal performance and compatibility with NFC HSM devices.

What Are the Advantages and Benefits of NFC HSM Devices and RSA 4096 Encryption?

NFC HSM devices and RSA 4096 encryption offer numerous advantages and benefits across various applications and domains. Some of these include:

  1. Enhanced Security and Trust: They bolster security and trust in the digital landscape through the utilization of a robust and efficient encryption algorithm that withstands factorization attacks.
  2. Simplified Key and Secret Management: They simplify the management and sharing of cryptographic keys and secrets by leveraging contactless technology for communication with Android phones via NFC.
  3. Improved Device Performance and Compatibility: They enhance device performance and compatibility by functioning as a firmware-like middleware embedded within an Android application for NFC-enabled phones.
  4. Enhanced User Experience: They improve the user experience of devices by offering features such as offline isolation, seamless integration with other technologies, and enhanced user experiences.

In summary, NFC HSMs and RSA 4096 encryption offer inventive and pragmatic answers to the escalating requirements for security and confidentiality in the digital sphere.

Articles, Cyberculture, EviCore NFC HSM Technology, EviCypher NFC HSM, EviCypher Technology

Communication Vulnerabilities 2023: Avoiding Cyber Threats

Posted on by FMTAD
Person working on a laptop within a protective dome, surrounded by falling hexadecimal ASCII characters, highlighting communication vulnerabilities
30
Sep
The hidden dangers of communication vulnerabilities in 2023  by Jacques Gascuel: This article will be updated with any new information on the topic.

Beware of communication vulnerabilities in 2023

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In 2023, hackers will exploit the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. This article will explain the main types of communication vulnerabilities, their impact, and how to protect yourself from them.

Communication Vulnerabilities in 2023: Unveiling the Hidden Dangers and Strategies to Evade Cyber Threats

2023 Security Vulnerabilities in Means of Communication

Communication is essential for individuals and professionals, but it is also exposed to many cyber threats. In 2023, several security breaches affected emails and messages, compromising the security of data, services, and users. These breaches showed the vulnerability of communication systems, which are exposed to increasingly sophisticated and targeted attacks. To protect themselves, users need to encrypt their data and communications with their own keys that they created and stored offline. One of the solutions that can help them achieve this is EviCypher NFC HSM technology by Freemindtronic.

The Reality of Security Breaches in Communication Systems

However, we wanted to highlight a disconcerting reality: users often found themselves defenseless against the hidden dangers of communication vulnerabilities in 2023 that festered beneath the surface for long periods of time. Unaware of these current, imminent or future risks, they unwittingly provided gateways to espionage activities, whether motivated by legitimate or malicious intentions. These vulnerabilities enabled a relentless cycle of cyber victimization, perpetuating the very threats they aimed to mitigate.

For example, iCloud Email operated without end-to-end encryption from its launch in 2011 until December 2022 – a troubling reality that put users in a vulnerable position, their security at the mercy of external factors they could not control.

Another example, several reports by the Citizen Lab have revealed the existence and the use of Pegasus spyware developed by the Israeli company NSO Group, which sells its services to governments and private actors to spy on targets around the world. Moreover, several investigations by the consortium Forbidden Stories have revealed that more than 50,000 phone numbers have been selected as potential targets by NSO Group’s clients, including heads of state, journalists, human rights activists, etc.

Among the most recent examples of these vulnerabilities, we can mention the cyberattack against the US State Department, which was attributed to hackers linked to China.

Chinese hackers hacked 60,000 emails from the US State Department

In March 2023, Chinese hackers hacked 60,000 emails from the US State Department. Some of them were very sensitive to national security and foreign affairs. They used a Microsoft Exchange flaw named Log4Shell. This vulnerability allows hackers to remotely execute malicious code on servers that use this software. It affects millions of servers worldwide. Senator Mark Warner revealed the attack and criticized the lack of transparency and security of the State Department. He called for strengthening cooperation between government agencies and the private sector to cope with cyberthreats. This attack is part of a context of rising tensions between the US and China, who accuse each other of espionage and sabotage on cyberspace.

The other sensitive organs targeted by the attack

Besides the State Department emails, the attack also targeted other sensitive organs, such as:

  • The Bureau of the Coordinator for Cyber Issues, which is responsible for coordinating the State Department’s efforts to prevent and respond to cyberattacks.
  • The Bureau of Consular Affairs, which is in charge of issuing passports and visas, as well as protecting US citizens abroad.
  • The Bureau of Intelligence and Research, which provides analysis and assessments on foreign policy and national security issues.

These sensitive organs hold confidential or personal information that could be used by the Chinese hackers for espionage, blackmail or sabotage. For example, the hackers could access the biometric data of visa applicants, the reports of intelligence agents or the action plans in case of crisis.

The security flaw exploited by the Chinese hackers

The most serious thing is that some servers that were hacked by the Chinese had not been updated with the patch released by Microsoft on December 10, 2022. This shows that the updates are not automatic and that they have to be installed manually. This also shows the lack of responsiveness and vigilance of the IT security managers. They let the Chinese hackers exploit this flaw before it was fixed by Microsoft, who released security updates. Indeed, this cyberattack shows the vulnerability of communication systems and the need to protect them effectively.

A Case of Satellite Messaging Security Vulnerability

Satellite messaging is a means of communication that allows the transmission of electronic messages or calls via a network of artificial satellites. It is used by professionals and individuals in areas with no cellular coverage or those seeking discreet communication. However, satellite messaging is not immune to security vulnerabilities that can compromise data confidentiality and integrity.

In September 2023, a team of cybersecurity researchers uncovered a significant security vulnerability in the Bullitt satellite messaging service. This vulnerability allowed hackers to read and modify messages sent and received by users, as well as access their personal information, including GPS coordinates and phone numbers. Hackers could also impersonate users by sending messages on their behalf. The vulnerability was found in the PubNub-Kotlin API used by the Bullitt Messenger app to manage communication between devices and the service’s servers. Despite alerting Bullitt, the service provider, about this vulnerability, the researchers received no satisfactory response.

This security flaw poses a high risk to satellite messaging users, as their data can be exposed or manipulated by hackers.

Security Vulnerabilities in Communication Systems: A Closer Look

2023 Security Flaws in Communication Channels is a paramount concern for individuals and organizations across the globe. Hackers frequently exploit vulnerabilities within communication protocols and services to launch attacks that can compromise data confidentiality, integrity, and availability. To illustrate the magnitude and gravity of this issue, we have compiled statistics based on our web research:

Security Vulnerabilities in Emails

Emails serve as a central vector for cyberattacks, representing a significant portion of security incidents, with up to 91% of reported incidents, as per cybermalveillance.gouv.fr. Among these email-targeted threats, ransomware attacks are the most prevalent, comprising 25% of reported security incidents. Additionally, it’s striking to note that 48% of malicious files attached to emails are Microsoft Office documents. These statistics underscore the critical importance of implementing robust security measures for emails to guard against evolving threats.

Furthermore, an analysis conducted by the Verizon Data Breach Investigations Report for 20232 highlights that emails remain the primary variety of malicious actions in data breaches, underscoring their continued relevance as a vector for cyberattacks.

However, it is essential to note that email-specific vulnerabilities can vary based on factors such as email protocol vulnerabilities, server configuration errors, human mistakes, among others.

Security Vulnerabilities in Encrypted Messaging Services

Encrypted messaging services like Signal, Telegram, or WhatsApp are not immune to security vulnerabilities, which can compromise message and file confidentiality, integrity, and availability. In March 2023, Cellebrite, an Israeli data extraction company, claimed to have successfully decrypted messages and files sent via Signal. In June 2023, Google disclosed a vulnerability in its RCS service that allowed hackers to send fraudulent messages to Android users, containing malicious links redirecting victims to compromised websites.

Security Vulnerabilities in Communication Protocols

Communication protocols such as SMTP, RCS, or SMS are also susceptible to security vulnerabilities that can enable hackers to intercept, modify, or spoof messages and calls. SS7 vulnerabilities involve attacks exploiting the vulnerabilities of the SS7 protocol, used to establish and terminate telephone calls on digital signaling networks. These attacks can allow hackers to intercept, modify, or spoof voice and SMS communications on a cellular network. In January 2023, a hacking group named Ransomware.vc launched a data extortion campaign targeting organizations using the Progress MOVEit file transfer tool. The hackers exploited an SS7 vulnerability to intercept verification codes sent via SMS to MOVEit users, gaining access to sensitive data. In February 2023, the Ukrainian power grid was hit by a new malware called Industroyer2, attributed to Russian hackers. The malware used an SS7 vulnerability to take control of network operator phone calls, disrupting electricity distribution in the country. In March 2023, Samsung suffered a data breach that exposed the personal and financial information of millions of customers. The breach was caused by an SS7 vulnerability that allowed hackers to access SMS messages containing online transaction confirmation codes.

An Overview of Security Vulnerabilities in Communication Systems

Communication systems exhibit various vulnerabilities, with each element susceptible to exploitation by hackers. These weaknesses can have severe consequences, including financial losses, damage to reputation, or national security breaches.

  • Protocols: Communication protocols, like Internet Protocol (IP), Simple Mail Transfer Protocol (SMTP), Signaling System 7 (SS7), and Rich Communication Services (RCS), can contain security vulnerabilities. These vulnerabilities enable hackers to intercept, modify, or spoof communications on the network. For instance, an SS7 vulnerability allows hackers to eavesdrop on phone calls or read SMS messages on a cellular network.
  • Services: Network services, such as messaging, cloud, streaming, or payment services, possess their own vulnerabilities. These vulnerabilities may permit hackers to access, modify, or delete data within the service. For instance, a vulnerability in an encrypted messaging service enables hackers to decrypt messages or files sent via the service.
  • Applications: Software applications, including web, mobile, desktop, or IoT applications, are prone to security vulnerabilities. These vulnerabilities empower hackers to execute malicious code on a user’s device or gain control of the device itself. For example, a vulnerability in a web application allows hackers to inject malicious code into the displayed web page.
  • Devices: Physical devices, such as computers, smartphones, tablets, or IoT devices, feature their own set of security vulnerabilities. These vulnerabilities can enable hackers to access the device’s data or functionalities. For instance, a vulnerability in a smartphone grants hackers access to the device’s camera, microphone, or GPS.

In conclusion, the multitude of security vulnerabilities in communication systems presents a significant challenge to all stakeholders. Protecting against these vulnerabilities and enhancing cybersecurity is essential to safeguard sensitive data and infrastructure.

How communication vulnerabilities exposed millions of users to cyberattacks in the past years

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In the past years, hackers exploited the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. These vulnerabilities affected software and services widely used, such as Log4j, Microsoft Exchange, Exim, Signal, Telegram, or WhatsApp. Some of these vulnerabilities have been fixed, while others remain active or in progress. The following table summarizes the main communication vulnerabilities in the past years, their impact, and their status.

Name of the breach Type of breach Impact Status Date of discovery Date of patch
Log4j Command injection Control of servers and Java applications Fixed November 24, 2021 December 18, 2021
Microsoft Exchange Remote code execution Data theft and backdoor installation Fixed March 2, 2021
Exim Multiple vulnerabilities Control of email servers June 5, 2020
Signal Denial of service Blocking of messages and calls Fixed May 11, 2020 May 15, 2020
Telegram Deserialization Access to messages and files Fixed January 23, 2021
WhatsApp QR code spoofing Account hacking Fixed October 10, 2019
File-based XSS Code injection Execution of malicious code in the browser Not fixed December 17, 2020 N/A
RCS QR code spoofing Interception, modification or spoofing of messages and calls Not fixed June 17, 2020 N/A
SMS SIM swap fraud Account takeover and identity theft Active or in progress
MMS Stagefright vulnerability Remote code execution and data theft Fixed July 27, 2015 August-September 2015
SolarWinds Orion Supply chain compromise Data theft and backdoor installation Fixed December 8, 2020 February 25, 2023
API PubNub-Kotlin Privilege escalation by deserialization of untrusted data Arbitrary command execution on SolarWinds Platform website Fixed February 8, 2022 April 19, 2023
SS7 Multiple vulnerabilities Data theft, interception, modification or blocking of communications, location tracking or spoofing, fraud Active or in progress 2014 N/A

This table provides a concise overview of the hidden dangers of communication vulnerabilities in 2023, their types, impacts, and current statuses.

EviCypher NFC HSM: The technology that makes your communications invulnerable to security breaches

Security vulnerabilities in the means of communication pose a high risk to users, including satellite messaging, as their data can be exposed or manipulated by hackers. Therefore, effective protection against this threat is essential. This is precisely where the EviCypher NFC HSM technologies mentioned in this article come in as an innovative and secure solution.

EviCypher NFC HSM Technology for Messaging Protection

EviCypher NFC HSM technology is a solution that enables contactless encryption and decryption of data using an NFC card. It employs a hardware security module (HSM) that securely stores encryption keys. It is compatible with various communication services, including emails, SMS, MMS, satellite messaging, and chats.

To use EviCypher NFC HSM technology, simply pair the NFC Card, to an NFC-enabled Android phone and activate it with your fingerprint. Messages sent and received through messaging services are encrypted and decrypted using the NFC card. Only the card owner can access their messages and files. No one can intercept or alter them, even if the  service is compromised by a security vulnerability.

EviCypher NFC HSM technology offers optimal protection for commincation, ensuring data confidentiality and integrity. It also safeguards against other types of security vulnerabilities that may affect communication methods, such as Log4Shell or SolarWinds. It is a simple, effective solution that requires no change in user habits.

What is EviCypher NFC HSM technology?

EviCypher NFC HSM technology is a contactless encryption technology that uses hardware security modules (HSM) devices that communicate via NFC (Near Field Communication) protocols. These devices are EviTag and Evicard, which are small and portable devices that can be attached to a keychain or a card holder. They allow users to store and manage their keys and secrets securely, without relying on third-party services or cloud storage.

How does EviCypher NFC HSM technology work?

EviCypher NFC HSM technology works by encrypting and decrypting data and communications with the user’s own keys that they created and stored offline. The user can use the devices for various applications, such as encrypting emails, messages or files.

To use NFC HSMs, the user must first pair it with their phone. He chooses the option of encryption or decryption on his phone, writes or reads his messages on his phone. Encryption and decryption operations are performed from the NFC HSM itself, without exposing keys or secrets to the phone. The same operation is available on computer via a phone-paired web extension and using the NFC HSM.

Why is EviCypher NFC HSM technology secure and reliable?

EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It enables to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

How can EviCypher NFC HSM technology protect you from security breaches?

EviCypher NFC HSM technology can protect you from security breaches by encrypting your data and communications in advance in volatile memory before sending them encrypted without ever keeping the message in clear automatically destroyed and replaced by its encrypted version in AES 256 symmetry considered post quantum. Thus, even if there are security flaws the messages and emails and their attachments remain always encrypted. This can be done from an Android NFC phone and/or from the Freemindtronic extension.

This way, you can avoid being exposed to past, present or future security vulnerabilities, since the encryption is done on the device itself, without exposing the keys or secrets to the phone or computer. Even if your phone or computer is compromised by a hacker or a spyware, they cannot access your data or messages in clear text. Only you can decrypt them with your device and your PIN code.

EviCypher NFC HSM technology is an innovative solution that offers a high level of security and privacy for your communication systems. It is developed by Freemindtronic, an Andorran company specialized in NFC security. It is based on EviCore NFC HSM technology, which is a hardware security module that combines hardware encryption and NFC communication protocols.

In conclusion, the EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It allows to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

Articles, Digital Security

ZenRAT: The malware that hides in Bitwarden and escapes antivirus software

Posted on by FMTAD
ZenRAT The-malware-that hides in Bitwarden-and escapes antivirus-software edit by freemindtronic from Andorra
27
Sep
ZenRAT Malware  by Jacques Gascuel: This article will be updated with any new information on the topic.

***

**

How this malware hides in Bitwarden and escapes antivirus software to steal your information

ZenRAT is a new malicious software that targets Windows users and hides in fake installation packages of Bitwarden, a popular and secure password manager. This remote access trojan (RAT) was discovered by Proofpoint, a company specialized in cybersecurity. ZenRAT aims to steal sensitive information from users, such as their credentials, passwords, IP addresses or browser data.

How does ZenRAT hide in Bitwarden?

ZenRAT uses a social engineering technique to trick users and make them download a fake installation package of Bitwarden. The malicious website that hosts the file looks very similar to the official Bitwarden website, but it uses a different domain name. The downloaded file contains an executable named ZenRAT, which installs discreetly on the victim’s computer and starts collecting and sending their personal information to a command and control server.

ZenRAT hides in Bitwarden to take advantage of its popularity and credibility, as it is used by millions of users worldwide. By imitating the website and logo of Bitwarden, ZenRAT hopes to attract users who are looking for downloading or updating this software, and to convince them that they are on the official website. Thus, ZenRAT can induce users to install the malicious file without suspicion.

This identity theft technique is commonly used by cybercriminals to spread malware under the guise of legitimate applications. Users should therefore be careful to only download software from a reliable source, and to check the domain name of the website. They should also be wary of advertisements in search engine results, which can be a major vector of infection.

What are the technical means used by ZenRAT to achieve its goals and protect itself?

ZenRAT uses several technical means to achieve its goals and protect itself from protection systems. Among these means, we can mention:

  • Encryption: It encrypts the data it steals and sends to the command and control server, using an AES algorithm with a randomly generated key. Thus, ZenRAT makes it harder to detect and analyze its network traffic by antivirus or firewall software.
  • Polymorphism: ZenRAT changes its appearance and behavior regularly, using techniques such as packing, obfuscation or mutation. Thus, ZenRAT escapes the static signatures of antivirus or intrusion detection software.
  • Geofencing: It checks the geographical location of the infected computer, using the IP address or browser data. If the computer is located in an area that does not interest the hacker, such as Russia or China, ZenRAT stops and uninstalls itself. Thus, ZenRAT reduces the risk of being discovered or analyzed by security researchers.
  • Anti-virtualization: ZenRAT detects if the infected computer is a virtual machine or a sandbox, using indicators such as the name of the CPU, GPU, RAM or hard disk. If so, ZenRAT stops and uninstalls itself. Thus, ZenRAT avoids being studied or neutralized by security experts.
  • QR codes: Malware Rat uses QR codes to communicate with its command and control server, using a dedicated mobile application. Thus, ZenRAT bypasses network filters or proxies that could block its traffic. The QR codes contain encrypted and compressed data, which are decoded and executed by the malware on the infected computer.
  • Password generator: ZenRAT uses a password generator to create random and strong passwords, which it uses to access online accounts of users. Thus, ZenRAT increases its chances of succeeding in brute force or dictionary attacks, and makes it more difficult for users to change or reset their passwords.

These technical means show that ZenRAT is a sophisticated and adaptable malware, which can circumvent or resist various forms of defense. They also testify to the malicious intent of the hacker, who seeks to maximize his impact and minimize his traceability.

Why is RAT a serious threat?

ZenRAT is a serious threat for the security and privacy of Internet users, because it steals personal and confidential information, which can be used to access sensitive services, identify and track users, analyze their habits and preferences, or inject malicious advertisements or spyware. It uses various technical means to spread and hide itself, and it escapes antivirus and security software.

ZenRAT has not yet been widely studied or detected by antivirus or security software. According to Proofpoint, the detection rate of the malicious file on VirusTotal was less than 10% at the time of their analysis. Other sources confirm that ZenRAT is a little-known and rare malware. It is therefore important to be vigilant and only download software from a reliable source, checking the domain name of the website.

ZenRAT is also a malware that specifically targets Windows users, who represent the majority of operating systems in the world. According to StatCounter, Windows had a market share of 72% in September 2023. This means that ZenRAT can potentially infect more than a billion Windows computers worldwide. Moreover, ZenRAT attacks Bitwarden users, a password manager that has more than 25 million users worldwide. By stealing their passwords, ZenRAT can access their online accounts and compromise their security.

Here is a summary table of the main characteristics of ZenRAT:

Attribute Details
Name ZenRAT
Type Remote Access Trojan (RAT)
Platform Windows
Infection Method Fake Bitwarden installation packages
Objective Steal sensitive user information
Technical Means Encryption, polymorphism, geofencing, anti-virtualization, QR codes, password generator
Detection Rate Below 10% on VirusTotal
Main Source Proofpoint1
Associated Threats Typosquatting, phishing, credential theft
Targeted Service Bitwarden password manager
Date of Discovery August 2023
Malicious Email Campaigns Several, targeting organizations across various sectors
Associated Malicious Domains bitwariden[.]com, crazygameis[.]com, obsproject[.]com, geogebraa[.]com
Dedicated Mobile Application ZenRAT Scanner
Fake Installers Bitwarden-Installer-version-2023-7-1.exe, CertificateUpdate-version1-102-90
Signed by Falsely claimed to be signed by Tim Kosse
Copy of Executable Location ApplicationRuntimeMonitor.exe stored in C:Users[username]AppDataRoamingRuntime Monitor
Collected Data CPU Name, GPU Name, OS Version, Installed RAM, IP Address & Gateway, Installed Antivirus, Installed Applications
C2 Communication Server IP: 185[.]186.72.14. Custom C2 protocol used
Unique Features Checks: IsBlockedRegion, IsMutex, IsSmallDisk, IsDetectVM. Logs sent in plain text to C2 server
Indicators of Compromise Several IP addresses and domains, as well as a list of SHA256 for associated files

ZenRAT is therefore a malicious software that attacks strategically Windows operating systems, hiding in fake installation packages of Bitwarden. It uses various technical means to spread and hide itself, and aims to steal sensitive information from users. It represents a serious threat for the security and privacy of Internet users.

Articles, Electronics, News, Press release, Technologies

Freemindtronic’s Legacy: Rediscovering Excellence

Posted on by FMTAD
Freemindtronic's Legacy: Rediscovering Excellence
21
Sep

Freemindtronic’s Legacy by Jacques Gascuel: This article will be updated with any new information on the topic.  

Breaking News: Rediscover Excellence with Freemindtronic’s Technological Heritage!

In this exclusive preview, at Freemindtronic, we take immense pride in inviting you to delve into our pioneering legacy in the realm of extreme security. Discover how our company not only reshapes the technological landscape but also has the potential to establish new industry standards in the captivating world of advanced nanotechnology and electronic cyber protection.

Courtroom scene with a judge's gavel and legal documents on a wooden desk in the foreground, symbolizing a ruling on IT liability. A screen in the background displays a ransomware warning, emphasizing the case's digital focus.

2025 Cyberculture Legal information

French IT Liability Case: A Landmark in IT Accountability
January 22, 2025
PassCypher HSM PGP password manager software box and laptop displaying web browser interface

2025 PassCypher Password Products Technical News

Passwordless Password Manager: Secure, One-Click Simplicity to Redefine Access
January 8, 2025
Laptop and smartphone displaying 2FA MFA security features with OATH initiative, key management solutions for 2024.

2024 Articles Technical News

Best 2FA MFA Solutions for 2024: Focus on TOTP & HOTP
October 8, 2024
Flags of France and the European Union on a white background representing ANSSI cryptography authorization

2024 Articles Cyberculture Legal information

ANSSI Cryptography Authorization: Complete Declaration Guide
October 7, 2024
laptop displaying Microsoft Uninstallable Recall feature, highlighting TPM-secured data and uninstall option, with a user's hand interacting, on a white background.

2024 Articles Technical News

New Microsoft Uninstallable Recall: Enhanced Security at Its Core
October 3, 2024
Ultra-realistic image illustrating Andorra's shared EAN code with Spain, featuring a barcode starting with 84 and a map connecting Andorra and Spain.

2024 Articles Cyberculture

EAN Code Andorra: Why It Shares Spain’s 84 Code
September 9, 2024
Operation Dual Face - Russian Espionage Hacking Tools in a high-tech cybersecurity control room showing Russian involvement

2024 Articles Digital Security News

Russian Espionage Hacking Tools Revealed
August 31, 2024
Certificat de finaliste du DataShielder Auth NFC HSM pour le Produit de Cyberdéfense de l'Année 2024 aux National Cyber Awards

2024 Distinction Excellence Press release

Produit de Cyberdéfense de l’Année : Freemindtronic Finaliste aux National Cyber Awards 2024
August 6, 2024

Resurrecting Excellence: Freemindtronic’s Legacy in Nanotechnology and the ‘Fullprotect’ Revolution

In 2013, Freemindtronic, a visionary enterprise founded in 2010, celebrated its nomination as a finalist for the prestigious “electron d’Or” award and its recognition as one of the top 10 most innovative mechatronics startups, earning the esteemed European Mechatronics Award. These accolades marked pivotal moments for Freemindtronic, showcasing its groundbreaking ‘Fullprotect’ technology and pioneering contributions to electronic innovation.

A New Chapter Begins with Freemindtronic SL Andorra – Resurrecting Excellence

Freemindtronic SL Andorra, the custodian of a global exclusive patent license for this groundbreaking technology, is embarking on a new chapter. Even though the partnership between STMicroelectronics and Freemindtronic SAS prematurely concluded just before the production of the first FullProtect component, Freemindtronic SL Andorra’s commitment to the project of creating nanotechnological components enters a new dynamic, as we explore new avenues for development.

Nanotechnology Components: A Resilient Legacy – Freemindtronic’s Technological Excellence

The journey begins with the creation of a range of miniaturized electronic components using nanotechnology. Freemindtronic SAS France’s primary objective was to create a range of miniaturized electronic components utilizing nanotechnology. This included the development of the first product range for direct current, covering 5 volts, 12 volts, and 8 volts to 48 volts, in collaboration with STMicroelectronics. This technology has the potential to revolutionize electronic systems, enhance performance, and set new industry standards. While the partnership with STMicroelectronics may have ended, Freemindtronic SL Andorra’s commitment to nanotechnology components remains unyielding, as we seek new avenues for development.

Rekindling Electronic System Protection – Innovating with ‘Fullprotect’

But the heart of the revival lies in the resurrection of ‘Fullprotect,’ the revolutionary technology that redefined electronic system protection. This innovation was designed to safeguard electronic systems from electrical and environmental threats while meticulously recording random events within an immutable “Evidence Box.” It was, and remains, a game-changer in the realm of electronic protection.

A Comprehensive Vision – The Vision of Freemindtronic

This synergy presents a comprehensive vision where technology converges to provide holistic solutions. Freemindtronic’s ‘Fullprotect’ technology sets the stage for a secure and efficient electronic landscape.

Expanding Horizons with Global Patents – International Patents and Innovations

Advantageously, Freemindtronic’s innovation, Argos One NFC, based on the patent FR2941572, is not an isolated triumph. It seamlessly integrates with the company’s other innovations in the realms of safety and cybersecurity, both of which hold international patents.

The Evolution of EviKey NFC HSM – EviKey NFC HSM: A Technological Evolution

An excellent example of this evolution is EviKey NFC HSM. It represents the discreet version of several other patented NFC HSM technologies by Freemindtronic SL Andorra, including EviCore, EviPass, EviSeed, EviVault, EviSign, EviOTP, EviPC, EviKeyboard, and EviCypher, with silicon integration on the horizon. This exemplifies Freemindtronic’s unwavering commitment to pushing the boundaries of electronic protection and innovation.

Rediscover Excellence with Freemindtronic – Join Us in Rediscovering Excellence

Join us in rediscovering the illustrious journey of Freemindtronic, a legacy of innovation in nanotechnology components and the ‘Fullprotect’ revolution. Together, we’re reigniting the flame of excellence and pioneering the future of electronic protection.

2023, Articles, EviKey & EviDisk, EviKey NFC HSM, News, NFC HSM technology, Technical News

Secure SSH Key Storage with EviKey NFC HSM

Posted on by FMTAD
EviKey NFC USB drive for secure SSH key storage. SSH Contactless keys manager, EviKey NFC & EviCore NFC HSM Compatible Technologies patented from Freemindtronic Andorra Made in France - JPG
16
Sep

Secure SSH Key Storage with EviKey NFC USB Drive | Advanced Encryption

Experience unparalleled secure SSH key storage with EviKey NFC USB. With advanced encryption, contactless NFC authentication, and programmable auto-lock, EviKey ensures your credentials remain safe from cyber threats. Moreover, discove and how EviKey enhances usability while keeping your digital assets safe with state-of-the-art features. how EviKey enhances usability while keeping your digital assets safe with state-of-the-art features

EviKey NFC USB: A Breakthrough in Secure SSH Key Storage

In the rapidly evolving cybersecurity landscape, secure SSH key storage has become a critical priority for organizations and individuals alike. The EviKey NFC USB drive combines NFC hardware-based security with advanced encryption and centralized key management options, offering unparalleled protection for your credentials. Unlike traditional methods, EviKey ensures your SSH keys remain secure from threats like brute force attacks, mismanagement, or secret sprawl. This guide explores how EviKey bridges the gap between usability and state-of-the-art security, empowering you to safeguard your digital assets effortlessly.

The Importance of Secure SSH Key Storage in Cybersecurity

SSH keys are fundamental to secure remote server access, but improper storage practices expose them to theft, misuse, and brute force attacks. Securing these credentials is a critical step in safeguarding digital assets and maintaining operational security.

Public Key Authentication: A Superior Alternative

SSH supports two authentication methods: passwords and public keys. However, while passwords are straightforward, they are vulnerable to brute force attacks and interception. By contrast, public key authentication, which pairs a private key stored securely with a public key shared on the server, provides a more robust, secure alternative.

Challenges in Managing SSH Keys

Despite its advantages, managing SSH keys introduces challenges:

  • Key Management: Handling multiple keys for different systems, which can lead to secret sprawl if not addressed.
  • Key Security: Ensuring secure SSH key storage to prevent loss or compromise.
  • Recovery: Restoring keys if a device is lost or damaged. Effective secret sprawl management is crucial for organizations to minimize the risk of unauthorized access and streamline key usage.

EviKey NFC USB drive addresses these issues head-on.

EviKey – Hardware Security vs. Software Security

Managing SSH keys effectively requires solutions that balance usability and robust security. While software-based systems, such as centralized secrets management platforms, offer scalability, they frequently introduce vulnerabilities, including dependency on external servers and potential data breaches. In contrast, hardware-based security, such as EviKey NFC USB, ensures unmatched protection by operating entirely offline. This approach eliminates reliance on external infrastructure, making it ideal for safeguarding sensitive credentials. Watch the demo.

Advantages of Hardware-Based Security

EviKey NFC USB actively protects SSH keys by combining advanced hardware encryption and robust physical security measures:

  • Offline Encryption: EviKey entirely removes online risks by keeping SSH keys offline. This design ensures complete protection against network-based attacks and unauthorized access.
  • AES-256 CBC Encryption via PassCypher: Leveraging PassCypher, EviKey encrypts SSH keys using AES-256 CBC encryption, paired with a secure password. This ensures that even if the device is compromised, keys remain inaccessible without proper authentication.
  • Tamper-Proof Design: Encased in military-grade resin, EviKey resists tampering and functions reliably in extreme environments, securing sensitive credentials at all times.

Risks of Software-Based Solutions

Despite their convenience, software-based systems face several limitations:

  • Secret Sprawl Risks: Centralized secrets management systems often create duplicated credentials across multiple servers or systems. This redundancy increases the chances of exposure to malicious actors.
  • Online Dependency: These platforms depend on cloud or server availability, making them susceptible to outages, breaches, and other external vulnerabilities.
  • Shared Responsibility Challenges: In multi-user environments, enforcing strict security policies is often difficult, leaving gaps that malicious actors can exploit.
  • Limited Encryption Practices: Many software solutions lack robust encryption, leaving SSH keys vulnerable to brute force attacks or phishing schemes.

Hybrid Approach for Enhanced Security

While centralized solutions are valuable for managing large-scale operations, EviKey NFC USB excels at protecting critical assets like sensitive SSH keys. By adopting a hybrid approach, organizations can pair centralized systems for scalability with EviKey’s offline storage to isolate and secure high-value secrets.

How EviKey Solves Secret Sprawl Challenges

Secret sprawl, a pervasive issue in many organizations, occurs when credentials proliferate across systems without proper oversight, creating unnecessary risks. EviKey directly addresses these risks by combining secure offline storage, granular access control, and robust traceability mechanisms.

  • Encrypted SSH Keys with PassCypher: EviKey uses AES-256 CBC encryption to protect SSH keys, requiring users to enter a secure password before accessing them. This added encryption ensures even unlocked devices cannot expose sensitive keys without proper credentials.
  • Centralized Offline Storage: EviKey consolidates SSH keys onto a single, tamper-resistant device. This reduces unnecessary copies and mitigates the risks of secret duplication or unauthorized sharing.
  • Controlled Access: Only authorized users with NFC-enabled devices and their unique PINs can unlock EviKey. This ensures credentials remain secure even if the device is lost or stolen.
  • Event Traceability with the Black Box: EviKey’s black box feature monitors device usage and logs random security events such as failed authentication attempts. Notably, the black box tracks device interactions, not the data stored on the USB flash memory. Once unlocked, EviKey functions seamlessly as a standard USB drive for usability.

This holistic approach effectively mitigates secret sprawl risks by isolating critical SSH keys in a secure, standalone device. Furthermore, EviKey’s offline design ensures that even in the absence of internet connectivity, your credentials remain fully protected. Combined with centralized solutions, this strategy provides both scalability and unparalleled security for high-value secrets.

How EviKey NFC Revolutionizes Secure SSH Key Storage

The EviKey NFC USB drive offers a hardware-based solution that externalizes SSH key storage. It secures private keys in a tamper-resistant device that can only be unlocked using contactless NFC authentication.

Key Features of EviKey NFC

Although centralized secrets management systems help organizations eliminate secret sprawl and automate key rotation, they still depend on external infrastructure. EviKey NFC USB complements these systems by providing NFC hardware-based security for critical credentials. It ensures your SSH keys are physically secure and invulnerable to network-based threats.

  • Contactless Authentication: Securely unlock your SSH key using contactless NFC technology, ensuring safe and seamless SSH key storage.
  • Encrypted SSH Keys with PassCypher: SSH keys stored on EviKey are encrypted using AES-256 CBC, requiring a secure password for access. This provides an extra layer of protection, ensuring credentials remain inaccessible even if the device is unlocked.
  • Multi-Factor Authentication (MFA): Combines an admin or user PIN, NFC phone UID, and a unique pairing key.
  • Advanced Security: Includes brute force detection with exponential delays after failed attempts.
  • Physical Robustness: Military-grade resin ensures resistance to tampering and environmental damage.
  • Undetectability When Locked: Notably, EviKey becomes invisible to systems when secured, preventing unauthorized detection. Explore how EviKey ensures compliance with cybersecurity standards.

For organizations managing a mix of centralized and offline credentials, EviKey offers a hybrid approach that strengthens overall security while minimizing vulnerabilities.

Backup and Recovery: Safeguarding Access

EviKey simplifies the backup and restoration of SSH keys:

  • Backup Creation: Use the associated mobile app to export encrypted backups of your private key.
  • Secure Recovery: Restore keys to a new device using NFC authentication and your unique pairing key.

For a deeper understanding of how EviKey NFC HSM protects your data and credentials, explore the complete guide to securing your data with EviKey NFC HSM.

Moreover, this ensures business continuity even if the device is lost or damaged, without compromising security.

Real-World Use Cases for EviKey:
  • Critical Infrastructure: Protect SSH keys for industrial systems that require offline, tamper-proof security.
  • Financial Institutions: Safeguard sensitive credentials against insider threats and brute force attacks.
  • Remote Work Environments: Ensure SSH keys remain isolated and secure, even when used on untrusted devices.
Proven Benefits:
  • Mitigates risks associated with secret sprawl by offering standalone, secure storage.
  • Provides a robust alternative to traditional centralized secrets management systems.
  • Enhances compliance with regulations like ISO 27001 and GDPR by offering GDPR-compliant SSH storage, ensuring personal data is handled with the utmost security.

Black Box Monitoring: Unmatched Traceability

The integrated black box feature tracks critical events like failed authentication attempts, brute force detections, and system interactions. This data is invaluable for:

  • Audits: Ensuring compliance with regulatory standards.
  • Incident Response: Quickly identifying and mitigating threats.
  • Operational Insights: Monitoring device usage for security optimization.

Compliance with SL4 Industrial Standards

The EviKey NFC HSM ensures secure SSH key storage and complies with SL4 (Security Level 4) standards under IEC 62443-3-3. This ensures:

  • Advanced Threat Resistance: Protection against physical, invasive, and non-invasive attacks.
  • Operational Integrity: Guaranteed performance under industrial-grade requirements.

Compliance reassures users of its reliability in high-stakes environments.

Energy Efficiency Through NFC Power Harvesting

A standout feature of EviKey is its NFC signal energy harvesting. This innovation:

  • Eliminates dependency on external power sources.
  • Enables lightweight and portable design.
  • Provides long-term durability, with data persistence for up to 40 years without external power.

This energy efficiency sets EviKey apart in the secure storage landscape.

When to use a hardware versus software solution?

Choosing between a hardware-based solution like EviKey and a software-based solution depends on your security needs:

  • Opt for a software-based solution if you need centralized secrets management for team collaboration or automation across distributed systems.
  • Choose EviKey for critical infrastructures, industries requiring compliance with strict regulations, or for protecting highly sensitive credentials in offline environments.

Combine both approaches for comprehensive protection, using EviKey for your most critical SSH keys and software solutions for broader operational management. Download the Fullkey app to manage your EviKey securely: Fullkey on Google Play.

How to Store and Use Your SSH Keys with EviKey NFC USB Drives for Secure SSH Key Storage

1. Generate Your SSH Key Pair

OpenSSH (Linux/macOS/Windows)
  • On Linux or macOS, use the OpenSSH client:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  • For stronger security, consider generating ED25519 keys:
    ssh-keygen -t ed25519 -C "your_email@example.com"
  • On Windows, ensure OpenSSH is installed or use Windows Subsystem for Linux (WSL):
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
PuTTYgen (Windows GUI)
  1. Download and launch PuTTYgen.
  2. Select RSA (4096-bit) or ED25519 for better security.
  3. Click Generate and follow the prompts.
  4. Save the private key () and convert it to OpenSSH format for compatibility:id_rsa
    • In PuTTYgen, go to Conversions > Export OpenSSH Key.
  5. Transfer the converted private key to EviKey:
    cp private-key-file /path-to-evikey
Git for Windows (With PassCypher HSM PGP)
  1. Install Git for Windows and open Git Bash.
  2. Generate the SSH key:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  3. Transfer the private key to EviKey for secure storage:
    cp ~/.ssh/id_rsa /path-to-evikey
GitHub CLI
  1. Install the GitHub CLI.
  2. Generate a key and save it:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    gh ssh-key add ~/.ssh/id_rsa.pub
  3. Transfer the private key to EviKey:
    cp ~/.ssh/id_rsa /path-to-evikey

2. Store Your Private Key on EviKey

After generating the SSH key, store it on your EviKey NFC USB drive to ensure secure storage:

  • On Linux/macOS:
    sudo mv id_rsa /media/evikey
  • On Windows, copy the key using File Explorer or the command prompt:
    cmd
    copy C:\Users\<username>\.ssh\id_rsa F:\<evikey-location>

3. Lock and Unlock with NFC

Use EviKey’s dedicated Android app for NFC-based secure operations:

  1. Lock: Approach your NFC-enabled phone to lock the device securely.
  2. Unlock: Unlock it only when needed for SSH authentication.
  3. The programmable auto-lock ensures the device secures itself after use.

Using EviKey for SSH Authentication

Local Authentication

Authenticate securely on your local machine:

ssh -p 22 root@127.0.0.1
Remote Server Authentication

Access remote servers seamlessly:

ssh -p 22 user@remote-server-ip

Each session ensures that your private key remains externalized, protected by EviKey’s advanced security mechanisms.

Expanded Use Cases for SSH Key Generation and Storage

For Developers Using WSL (Windows Subsystem for Linux)

  1. Open WSL and use OpenSSH to generate SSH keys:
    ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
  2. Copy the private key to the EviKey USB device via WSL:
    cp ~/.ssh/id_rsa /mnt/c/path-to-evikey

For Teams with Centralized Systems

If you are integrating with centralized secrets management:

  • Use EviKey for your most sensitive keys while maintaining less critical keys in your centralized system.
  • Rotate and back up keys easily using EviKey’s NFC app.

Why Expand on Key Generation Methods?

Adding these methods makes your guide accessible to a wider audience, offering options for GUI-based and CLI-based workflows. Highlighting compatibility with tools like Git for Windows and PuTTYgen ensures users across various platforms can seamlessly integrate EviKey into their workflow.

Programmable Auto-Lock: Intelligent Physical Isolation

The EviKey NFC HSM USB drive stands out by offering a unique programmable auto-lock feature. This functionality ensures that the device automatically locks itself after being used for an SSH connection. Once the session ends, the key physically isolates itself from the host system, providing an additional security layer.

This automatic isolation prevents unauthorized access even if the device remains connected to the system. Combined with its contactless unlocking mechanism, the EviKey creates a virtually impenetrable barrier against cyber threats.

Key Benefits of Auto-Lock:

  • Immediate prevention of unauthorized access after usage.
  • Enhanced protection for prolonged or unattended sessions.
  • Tailored for high-security environments like critical infrastructures or financial systems.

Advanced Multi-Layer Security with PassCypher

EviKey pairs its auto-lock feature with PassCypher HSM PGP, an additional tool for securing SSH keys. With PassCypher, you can assign a password to your private SSH key, adding an extra protection layer. This means that even if someone gains physical access to the device, it remains useless without the correct password.

How PassCypher Strengthens Security:

  • Password Protection: Ensures the SSH key remains unusable without proper authentication.
  • Enhanced Encryption: Keeps private keys securely encrypted at all times.
  • User-Friendly Management: Provides an intuitive way to set up and manage passwords and private keys.
  • AES-256 CBC Encryption: Each SSH key stored on EviKey is encrypted using industry-standard AES-256 CBC encryption. Users must input the associated password to decrypt and utilize the keys, safeguarding against unauthorized access.
  • Enhanced Physical Security: Even with physical access, attackers cannot use the encrypted keys without the correct PIN and password, ensuring dual-layer security.

Comparison: EviKey vs Competitors

EviKey’s unique features surpass competitors like Nitrokey, YubiKey, and OnlyKey:

  • Contactless NFC Authentication: Exclusive to EviKey.
  • Physical Undetectability: Invisible when locked.
  • Black Box Monitoring: Comprehensive event tracking for unmatched traceability.
  • Military-Grade Protection: Superior robustness and durability.
  • AES-256 CBC with Password: Highlight EviKey’s ability to encrypt each SSH key individually using a user-defined password for unparalleled protection.

At a Glance: EviKey NFC HSM vs. the Competition

Criteria EviKey NFC with PassCypher HSM PGP Nitrokey HSM 2 YubiKey OnlyKey
Memory Not applicable (external storage: 8GB-128GB) 76 KB EEPROM 32 KB 32 KB
SSH Key Capacity Over 4 billion Up to 19 RSA-4096 keys Up to 25 resident keys Up to 24 unique offline accounts
Password Protection per Key Yes (each SSH key is secured by an additional password) No No No
Supported Algorithms RSA (2048, 3072, 4096), ECDSA (256, 384, 521), ED25519 RSA (1024, 2048, 3072, 4096), ECC (P-256, P-384, P-521), AES-256 RSA (2048, 3072, 4096), ECC (P-256, P-384) RSA (2048, 3072, 4096), ECC (P-256, P-384, P-521)
Contactless Authentication Yes, via NFC contactless authentication for secure SSH key storage No Yes, NFC or USB Yes, NFC or USB
Users for Contactless SSH & OpenSSH Unlocking Up to 6 users None 1 user 1 user
2FA / MFA Authentication Modes MFA: Android NFC-secured phone + Unique pairing key + Admin or User PIN (permanent or temporary) and/or NFC phone UID. Combined elements ensure multi-factor physical security. 2FA via PIN 2FA via PIN 2FA via PIN
Protection Against Brute Force Attacks Electronic brute force attack protection: Moreover, the auto-unpairing system includes a default limit of 3 attempts, programmable up to 13 attempts with exponential delays before permanent lock, ensuring unmatched secure SSH key storage. No No No
Detectability in Locked Mode Undetectable: EviKey is physically undetectable when locked. Nitrokey detectable YubiKey detectable. OnlyKey detectable.
Physical Security of the Device Advanced brute force protection: attack detection, exponential unpairing, physically undetectable when locked. Standard with PIN lock Standard with PIN lock Standard with PIN lock
Patents 3 international patents None None None
Electrical Protection Integrated with intelligent regulator No No No
Thermal Safeguards Functional & thermal sensors with breaker No No No
ESD Protection 27kV on data channel No No No
Physical Robustness Military-grade resin; Waterproof & Tamperproof No No No
Security from Attacks Inclusive of invasive & non-invasive threats No No No
Authentication Attempt Limit 13 (modifiable by admin) No No No
USB Port Protection Fully independent security system No No No
Contactless Security Energy Harvests energy from NFC signals No No No
Black Box Monitoring Comprehensive event tracking No No No
Fault Detection In-built self-diagnostics No No No
Memory Write Count Monitors flash memory health No No No
Data Persistence 40 years without external power No No No
Temperature Guard Ensures optimal performance No No No
Auto-lock Duration Admin-defined (seconds to minutes) No No No

Best Practices for SSH Key Management with Hardware Solutions and Comprehensive Security

The EviKey NFC HSM USB drive delivers state-of-the-art protection for SSH key storage, but ensuring complete system security requires a proactive approach. By implementing the following best practices, you can significantly reduce vulnerabilities and fortify your digital ecosystem:

  • Maintain Software and Firmware Updates

    Cybercriminals frequently exploit vulnerabilities in outdated software. Regularly update your operating systems, USB drivers, and firmware to close potential security gaps. Automate updates where possible to minimize human oversight and ensure timely patching.

  • Adopt Multi-Factor Authentication (MFA)

    For systems requiring USB-based access, enable MFA to add an additional layer of protection. Pair methods like NFC authentication with PINs, biometrics, or time-sensitive codes to enhance security and prevent unauthorized access.

  • Change Default Ports and Protocols

    Default configurations, such as using port 22 for SSH, are prime targets for attackers. Change these settings to non-standard ports and disable unused protocols. Consider adopting encrypted alternatives like SFTP over plain FTP to secure data transfers.

  • Implement Inactivity Timeouts

    Set timeouts for idle sessions involving USB devices to log out users automatically, taking advantage of programmable auto-lock for secure SSH key storage. This limits the exposure window in case the device is left unattended or forgotten. Customize session lengths based on the sensitivity of the tasks being performed.

  • Strengthen Authentication Practices

    Replace password-based systems with cryptographic methods, such as SSH keys secured by robust passphrases. Leverage EviKey’s NFC-enabled security to externalize sensitive keys and reduce exposure on local machines.

  • Restrict and Monitor Login Attempts
    Implement a strict limit on failed login attempts to mitigate brute force attacks. For added resilience, introduce exponential backoff delays between retries. Tools like Fail2Ban can automate blocking after repeated unauthorized access attempts.

  • Disable Root Login Over SSH

    Eliminate the use of root credentials for SSH access. Instead, enforce the principle of least privilege by creating restricted user accounts with limited access rights. Elevate privileges only when absolutely necessary using

  • Enable Comprehensive Logging and Alerts

    Configure detailed logging for all USB-related and system activities, including authentication attempts and configuration changes. Use Security Information and Event Management (SIEM) tools to analyze logs and set up alerts for suspicious behaviors, enabling swift responses to potential threats.

  • Minimize Attack Surface by Disabling Unused Features

    Deactivate services and features not actively in use, such as X11 Forwarding, USB debugging, or legacy protocols. Unused features often serve as entry points for attackers, so proactively removing them strengthens system security.

  • Conduct Regular Security Audits and Penetration Tests

    Schedule regular vulnerability assessments for your USB devices, operating systems, and connected systems. Employ penetration testing to simulate real-world attacks, uncover hidden weaknesses, and validate your defenses.

  • Secure Data in Transit and at Rest

    Encrypt all sensitive data using strong algorithms, whether it is being transmitted over networks or stored on NFC USB drives for secure SSH key storage. The EviKey NFC HSM USB drive already provides industrial-grade encryption, but ensure this principle extends to all aspects of your system.

  • Leverage Network Segmentation

    If USB devices access critical systems, isolate those systems on segmented networks. This limits lateral movement in the event of a breach and ensures that sensitive assets remain compartmentalized.

  • Establish Incident Response Protocols

    Develop and regularly update incident response plans to address potential breaches. This includes steps to secure USB devices, contain affected systems, and restore operations while preserving forensic evidence for investigations.

  • Use Tamper-Evident Measures

    Physically secure USB devices with tamper-evident seals or locks. Combine these measures with periodic visual inspections to detect unauthorized attempts to access or modify the device.

    By combining these best practices with the advanced security features of the EviKey NFC HSM USB drive, you demonstrate the value of hardware-based solutions for SSH key management. This approach not only protects your SSH keys but also fortifies your entire digital infrastructure against a broad range of cyber threats. Adopting such comprehensive measures is essential for staying ahead in the ever-evolving landscape of cybersecurity.

Automated Best Practices for Security

The combination of programmable auto-lock and PassCypher automates critical security best practices. This automation eliminates the risk of human error, ensuring that your SSH keys and sensitive data remain secure. By adopting EviKey’s technology, you integrate a seamless yet comprehensive approach to system protection.

Real-World Use Cases:

  • Server Administration: After completing an SSH session, the EviKey locks itself, preventing further access.
  • Remote Work Security: Professionals working from unfamiliar systems can trust that their private keys remain isolated.
  • Regulatory Compliance: EviKey’s built-in security measures help organizations meet compliance standards, such as ISO 27001 and GDPR.

Secure Your Digital World with EviKey

Protecting your SSH keys is more than just a technical task; in fact, it is a cornerstone of digital security. Moreover, the advanced features of the EviKey NFC USB drive not only empower you with robust protection but also provide unmatched flexibility and unparalleled ease of use. Whether you are managing sensitive data, securing remote access, or meeting compliance standards, EviKey consistently delivers the cutting-edge tools you need to stay ahead of evolving cyber threats.

Secure Your Digital Ecosystem

The EviKey NFC HSM USB drive is far more than a storage device; rather, it serves as a gateway to enhanced digital security. By combining offline security solutions with advanced encryption, it ensures robust protection against secret sprawl while offering GDPR-compliant SSH storage. Whether you are safeguarding SSH keys, managing sensitive credentials, or complying with strict regulations, EviKey consistently delivers unparalleled performance, ensuring your digital ecosystem remains secure and resilient.

Upgrade to EviKey NFC USB for unparalleled secure SSH key storage and advanced cybersecurity solutions. Explore our product range:

Take the next step in protecting your digital assets with EviKey.

Articles, Crypto Currency, Digital Security, EviSeed, EviVault Technology, News

Enhancing Crypto Wallet Security: How EviSeed and EviVault Could Have Prevented the $41M Crypto Heist

Posted on by FMTAD
Crypto Wallet Security enhancing crypto wallet security how EviSeed and EviVault could have prevented the $41m crypto Heist crypto Lazarus APT38 BNP MATIC Heist
11
Sep

Crypto Wallet Security by Jacques Gascuel: This article will be updated with any new information on the topic.  

How EviSeed and EviVault Could Thwart a $41 Million Crypto Heist

Imagine waking up one day to discover that your crypto wallet has been hacked. As a result, all your funds are gone. Unfortunately, this is exactly what happened to more than 50,000 StakeCube users who were staking cryptocurrencies. They lost a massive $41 million in a cyberattack by North Korean hackers. In this article, we will demonstrate how EviSeed and EviVault technologies, developed by Freemindtronic, could have thwarted this theft.

EviSeed and EviVault NFC HSM Technologies could have prevented the $41 million crypto theft by North Korean hackers.

Cryptocurrencies have gained immense popularity, but they have also become increasingly vulnerable to theft. Hackers actively search for vulnerabilities in cryptocurrency storage and exchange platforms, leading to them stealing millions of dollars from users. North Korean hackers recently stole $41 million from the Stake platform, resulting in a high-profile case. In this article, we explore how EviSeed and EviVault NFC HSM technologies could have prevented this theft.

The Significance of Mnemonic Phrases and Private Keys

Before delving into the advantages offered by EviSeed and EviVault, let’s first understand the significance of mnemonic phrases and private keys in cryptocurrency wallet security.

Understanding Mnemonic Phrases and Private Keys’ Role in Cryptocurrency Wallet Security

A mnemonic phrase consists of words used to generate and restore your private key, granting access to your cryptocurrency wallet and enabling transactions.Typically composed of 12, 18, or 24 words selected from a standardized list known as BIP39, a mnemonic phrase might look like:

apple, banana, lemon, orange, strawberry, kiwi, pineapple, mango, melon, watermelon, cherry, plum.

This mnemonic phrase is of utmost importance as it represents the sole means of recovering your cryptocurrency wallet in case of loss or theft of the storage device (e.g., smartphone, computer, USB key). Users must meticulously back it up and should never share it with anyone.

A private key, on the other hand, consists of a sequence of numbers and letters corresponding to the mnemonic phrase. It is employed for signing transactions and confirming ownership of the cryptocurrency wallet. A private key example is:

Securing Cryptocurrency Wallets

Now that we’ve examined the importance of mnemonic phrases and private keys, let’s discuss the risks associated with traditional backup methods and how EviSeed and EviVault technologies provide enhanced security solutions.

The Risks of Traditional Backup Methods for Mnemonic Phrases and Private Keys

Nevertheless, these methods have several drawbacks when it comes to cryptocurrency wallet security. Most cryptocurrency users choose to back up their mnemonic phrases and private keys using paper or metal media:

  • Impracticality: Manually writing or engraving mnemonic phrases and private keys can be tedious and prone to errors.
  • Inefficiency: Retrieving a cryptocurrency wallet or making transactions requires typing or memorizing the mnemonic phrase and private key, which can be time-consuming and cumbersome.
  • Lack of Durability: Paper and metal supports degrade over time, can be lost, damaged, or susceptible to environmental factors like fire, water, and physical harm.
  • Vulnerability: Physical and logical attacks are potential risks. For instance, if someone finds the support containing the mnemonic phrase and private key, they can access the cryptocurrency wallet and transfer funds to another address. If the support is connected to the internet, it can be infected with malware capable of stealing the mnemonic phrase and private key.

Why is Crypto Wallet Security Important?

Crypto wallet security involves protecting your crypto assets from unauthorized access, theft, or loss. Crypto wallet security involves two main components: your mnemonic phrase and your private key. Your mnemonic phrase is a sequence of words that is used to generate and restore your private key, which is the key that allows you to access your crypto wallet and make transactions. The mnemonic phrase and the private key are very important, because they are the only way to recover your crypto wallet in case of loss or theft of the support on which it is stored (smartphone, computer, USB key, etc.). You must therefore backup them carefully and never disclose them to anyone.

Crypto wallet security is important because cryptocurrencies are valuable and vulnerable to attacks. Hackers can exploit vulnerabilities in platforms storing and exchanging cryptocurrencies, employ phishing, malware, or social engineering to deceive users into disclosing their mnemonic phrases or private keys. If hackers get access to these keys, they can transfer the funds to their own addresses and make them untraceable. Therefore, you need to choose reliable and secure backup solutions for your mnemonic phrases and private keys, such as EviSeed and EviVault.

Enhancing Crypto Wallet Security with EviSeed

Now let’s find out how EviSeed technology enhances the security of the crypto wallet. It offers a secure alternative to traditional backup methods.

Simplicity and Automation for Enhanced Crypto Wallet Security

EviSeed simplifies crypto wallet creation, completing all tasks within seconds. It efficiently manages and encrypts mnemonic phrases and their corresponding private keys within the NFC HSM. This automation extends to generating public keys and addresses, ensuring robust Crypto Wallet Security. Importantly, this process occurs offline, shielding sensitive data from exposure. Users can effortlessly monitor their balances using their paired Android NFC smartphones.

Rigorous Security Measures: Protecting Your Crypto Wallet Security

EviSeed employs cutting-edge AES-256 post-quantum encryption in conjunction with key segmentation. Even if malicious actors gain physical access to the NFC HSM, decrypting the mnemonic phrase remains an insurmountable challenge without access to encryption keys and corresponding segments. The device features five segmented encryption keys, bolstered by up to four additional authentication criteria for each wallet, significantly enhancing Crypto Wallet Security. These criteria encompass geographic zones, fingerprints, BSSIDs (Wi-Fi network identifiers), and UIDs of paired Android NFC smartphones.

Multi-Layered Protection: Safeguarding Your Crypto Wallet Security

Access to the NFC HSM is exclusively possible via the Freemindtronic application, seamlessly integrating EviSeed technology for added security, reinforcing your Crypto Wallet Security. In the unlikely event of theft, attackers would require knowledge of all unique authentication criteria to decrypt the private key. Moreover, EviSeed generates an encrypted QR code containing your mnemonic phrase. This QR code can be printed, shared, sent, or used for backup between NFC HSMs, employing RSA 4096 encryption, further enhancing your Crypto Wallet Security. EviSeed also enables hassle-free crypto wallet creation, including an automatic backup of BIP39 seed phrases within NFC HSMs, alongside your private key. The technology effortlessly generates public keys and addresses, allowing you to conduct operations securely, all while maintaining the confidentiality of your seed phrase and private key.

Unmatched Durability for Uncompromising Crypto Wallet Security

NFC HSM devices used by EviSeed are engineered for resilience, with military-grade coatings that protect against water, extreme temperatures ranging from -40°C to +120°C, shocks, and scratches. These devices boast an impressive lifespan, powered by energy recovery from the paired Android smartphone’s NFC signal, ensuring long-term Crypto Wallet Security.

By integrating EviSeed NFC HSM technology into their crypto security strategy, users can significantly bolster the safety of their assets, mitigating the vulnerabilities associated with conventional backup methods, and fortifying their Crypto Wallet Security.

How EviVault NFC HSM Enhances Crypto Wallet Security

Now, let’s explore the remarkable capabilities of EviVault NFC HSM and how it elevates crypto wallet security to unprecedented levels.

A Distinctive Approach to Safeguarding Crypto Wallets

EviVault NFC HSM stands apart as a distinct technology from EviSeed NFC HSM. Its primary objective is to secure cryptocurrency-derived private keys physically and offline, all within a lightning-fast process of fewer than four seconds. This is achieved by scanning the QR code of the derived private key, ensuring swift and robust Crypto Wallet Security.

Error-free backup and storage

EviVault simplifies the process further by allowing users to securely record the BIP39-generated recovery phrase, and automatically store it encrypted in an NFC HSM. The user can easily select without using the keyboard assisted by automatic error control system. This has the effect of further strengthening the security of the cryptographic wallet by preventing the backup process in case of error. Thus, all these protection mechanisms are airtight to physical, logical or online threats.

Streamlined Security for Crypto Wallets

EviVault introduces a series of advantages over conventional methods that enhance Crypto Wallet Security comprehensively:

  • Simplicity: Users no longer need to manually enter the derived private key. The cumbersome practice of writing, engraving, or copying private keys in plain text, which can be susceptible to malicious third parties, becomes obsolete. Instead, users can swiftly scan the encrypted QR code of the derived private key, created by EviSeed technology, and store it securely within an EviVault NFC HSM in under four seconds.
  • Efficiency: Gone are the days of memorizing or typing private keys, or risking exposure by storing them in unencrypted forms. By merely passing their Android NFC smartphone paired with the NFC HSM under the NFC antenna, users can view the private key or its compressed/uncompressed public address. The technology even allows for secure sharing of private keys and encrypted public addresses via a pair of RSA 4096 keys, all without exposing sensitive data to the user’s phone or computer.
  • Durability: EviVault stands out with its robust design, devoid of connectors, screens, batteries, buttons, or any other wear-prone components. It offers a lifetime of service, powered by energy recovery from the paired Android smartphone’s NFC signal. Furthermore, EviVault NFC HSM devices, like their EviSeed counterparts, exhibit resistance to water, extreme temperatures ranging from -40°C to +120°C, shocks, and scratches, thanks to a military-grade component coating, ensuring top-tier Crypto Wallet Security in harsh environments.
  • Unyielding Security Measures: EviVault incorporates EviCore NFC HSM technology, featuring post-quantum AES-256 encryption and advanced key segmentation. Even if potential attackers gain physical access to the NFC card, decrypting the private key remains an insurmountable task without access to the encryption keys and corresponding segments, each exceeding 256 bits in complexity. Additionally, users can bolster Crypto Wallet Security by adding up to four segmented authentication criteria for each wallet, including geographical zones, fingerprints, BSSIDs (Wi-Fi network identifiers), or UIDs of paired Android NFC smartphones. Access to the NFC card remains exclusive through the Freemindtronic application, which incorporates EviVault technology, fortifying Crypto Wallet Security with an additional layer of protection.

Incorporating EviSeed or EviVault NFC HSM technology into their crypto security strategy empowers cryptocurrency users to elevate the security of their holdings significantly. These technologies not only eliminate vulnerabilities associated with conventional backup methods but also provide formidable protection against both physical and digital threats, ensuring unparalleled Crypto Wallet Security in today’s dynamic digital landscape.

Summary of Enhanced Cryptocurrency Security

The Crucial Role of Crypto Wallet Security

In summary, EviSeed and EviVault NFC HSM technologies offer innovative solutions to enhance cryptocurrency wallet security, safeguarding digital assets from physical and digital threats.

Protecting Your Investments

Given the increasing adoption of cryptocurrencies, it’s essential to invest in secure storage solutions such as EviSeed and EviVault for effective investment protection.

How a Flaw in the Unencrypted Private Key Backup System Allowed the North Korean Hackers to Steal $41 Million in Crypto from StakeCube and How EviSeed and EviVault Could Have Prevented It

March 2023 witnessed a group of North Korean hackers, Lazarus, or APT38. They stole $41 million in cryptocurrencies from StakeCube, an online casino and betting platform. These hackers took advantage of a flaw in the backup system; it stored unencrypted private keys on a centralized and insecure server. These attackers copied the private keys of more than 50,000 users from the server. Subsequently, they transferred the funds to their own addresses using these keys. These attackers evaded detection for several months with great organization and methodology. These attackers also concealed and laundered the stolen funds to make them hard to trace.

This incident emphasizes the significance of cryptocurrency wallet security and the necessity to select dependable and secure backup solutions for private keys and mnemonic phrases. In this article, we will show you how EviSeed and EviVault, two technologies developed by Freemindtronic, can help you protect your crypto assets from hackers.

Lazarus-affiliated North Korean hackers are renowned for their sophisticated attacks. In the case of the StakeCube theft, they demonstrated a high level of organization and methodology. However, EviSeed and EviVault’s advanced security features could have acted as formidable barriers, enhancing crypto wallet security.

  • Advanced encryption: EviSeed uses post-quantum AES-256 encryption, which makes it virtually impossible for hackers to decrypt the mnemonic phrases and private keys stored, even if they physically access the device.
  • Key segmentation: EviSeed’s key segmentation would have added another layer of protection. Without knowledge of the encryption keys and corresponding segments, which are greater than 256 bits, attackers couldn’t access the private keys.
  • Authentication criteria: Users can set up to four additional segmented authentication criteria for each wallet, including geographic zones, fingerprints, BSSID (Wi-Fi network identifiers) or UID of paired Android NFC smartphones. This would have made it extremely challenging for hackers to gain access.
  • Offline storage: EviSeed works offline, ensuring that mnemonic phrases and private keys are never exposed to the internet, a common entry point for hackers.

Cyber-Attack-Proof Crypto Wallet Security via EviVault

Cryptocurrencies are valuable digital assets that need protection from hackers or accidents. But how can you secure your crypto wallet effectively and easily? The answer is EviVault NFC HSM, an innovative solution that uses NFC technology to encrypt and backup your private keys.

You know how difficult it can be to back up and encrypt your private keys with traditional methods. This is also where the EviVault NFC HSM technology comes in. Let’s take a look at how EviVault improves crypto wallet security against potential threats, such as North Korean hackers. In the context of protecting your digital assets, we will discover how EviVault combines several protection measures:

  • Fortifying Physical Security: EviVault’s resolute physical security measures would have posed an insurmountable challenge to hackers. The private keys, nestled within the NFC card, would remain impenetrable.
  • Rampart of Encryption and Key Segmentation: EviVault would have placed attackers in a cryptographic deadlock. It employs post-quantum AES-256 encryption and meticulous key segmentation. Decrypting the private keys would become an exercise in futility.
  • Enhancing Authentication Criteria: EviVault introduces a layer of complexity by incorporating additional authentication criteria, such as geographic zones and fingerprints. These sophisticated layers would have further confounded hackers, rendering their attempts futile.
  • EviCore Integration: An Extra Layer of Security Access to the NFC card is exclusively governed by the Freemindtronic application, intricately woven with EviVault technology. This integration bestows an added layer of security. It ensures that even if the NFC HSM were stolen, attackers would be stymied by the intricate web of authentication criteria required to decrypt the private key.

We can’t rewrite history or reverse the result of the Stake hack, but it’s clear that EviSeed and EviVault NFC HSM technologies are strong advocates. These are indispensable tools to strengthen the security of the crypto wallet in today’s digital landscape. They act as your shield against potential threats. Note that the Keepser product an NFC Cold Wallet embedding EviVault NFC HSM technology from Freemindtronic click here to learn more.

Official Sources

To support the information presented in this article, we have used the following official sources:

  • [FBI press release] that attributes the theft to Lazarus, a North Korean state-sponsored cybercrime unit.
  • [IMF report] that analyzes the risks and challenges related to crypto-assets and proposes recommendations to strengthen supervision and international cooperation.
  • [Stake.com official website], the online casino and betting platform victim of the theft, that explains how the theft occurred and how they plan to reimburse their users.
  • [Freemindtronic official website], the company that developed EviSeed and EviVault technologies, that presents the benefits and features of these secure backup solutions for private keys and mnemonic phrases.
Articles, EviVault Technology, News, Uncategorized

Why choose a Cold Wallet NFC HSM to secure your cryptocurrencies?

Posted on by FMTAD
Secure your cryptocurrencies with a cold wallet NFC HSM hacker hood with laptop secure cryptocurrencies the fatal mistake of using a virtual password manager lastpass hacked
10
Sep

secure your cryptocurrencies with a cold wallet NFC HSM by Jacques Gascuel: This article will be updated with any new information on the topic.  

Secure your cryptocurrencies offline by Cold Wallet NFC HSM

Did you know that password managers and hot wallets can be hacked, leaked or stolen? In this article, we will show you a better solution: the cold wallet NFC HSM. It is a physical wallet that uses NFC technology to store and manage your private keys and recovery phrases offline. It is simple, efficient, durable and secure. Read on to find out more!

How to secure your cryptocurrencies with a cold wallet NFC HSM is the topic of this article. Cryptocurrencies are digital currencies that offer many benefits, but also pose risks, especially in terms of security. To avoid losing or having your funds stolen, there is a solution: the cold wallet NFC HSM. It is a physical wallet that uses NFC technology to store and manage your private keys and recovery phrases offline, without internet connection or contact with a third party. The cold wallet NFC HSM uses patented technologies by Freemindtronic, an Andorran company specialized in security and protection of computer systems and information systems. These technologies are EviSeed and EviVault. In this article, we will explain why you should use a cold wallet NFC HSM to secure your cryptocurrencies and how to do it.

Why you need a cold wallet NFC HSM to secure your cryptocurrencies

If you own cryptocurrencies, you know that it is essential to protect your private keys and recovery phrases, which are the only means of accessing your funds. These sensitive data are often stored on online services, such as password managers, clouds or exchange platforms. These services offer some convenience, but they also pose significant risks:

  • You depend on a third party that can be victim of an attack, a flaw or a closure. If the service is compromised, you can lose access to your cryptocurrencies or have them stolen.
  • You do not have full control over your data, which can be exposed to leaks, thefts or legal requests. If someone accesses your private keys or recovery phrases, they can transfer your cryptocurrencies to another wallet without your consent.
  • You do not have the guarantee that your data are encrypted end-to-end, which means that they can be read or modified by the service or by a third party. If your data are stored in plain text or with weak encryption, they can be easily decrypted by a hacker.

These risks are not hypothetical. They are real and have already caused many losses for cryptocurrency users. Here are some statistics that show the dangers of storing cryptocurrencies online:

The statistics on the security incidents of password managers and hot wallets

  • A study by Verizon in 2021 showed that 81% of global data breach notifications were related to a password issue.
  • A survey conducted by Google in 2020 revealed that only 15% of users used an online password manager.
  • A report by CipherTrace published in 2020 stated that thefts and frauds related to cryptocurrencies reached 1.9 billion dollars in 2020.
  • A study by Chainalysis published in 2019 reported that exchange platforms suffered 11 major attacks in 2019, resulting in the loss of more than 283 million dollars in cryptocurrencies.
  • An analysis performed by Independent Security Evaluators in 2017 found that five of the main password managers presented critical vulnerabilities that allowed attackers to access the stored passwords.

The recent example of the hacking of LastPass and the thefts of cryptocurrencies

A recent example shows the dangers of storing recovery phrases or private keys online. LastPass, a password management service, had two major security incidents in 2022. A hacker accessed the source code, technical information and vaults of customers. Several experts linked these incidents to a series of cryptocurrency thefts. More than 150 victims lost more than 35 million dollars. These experts said that the victims had used LastPass to store their recovery phrases.

These incidents prove that virtual password managers are not good for securing cryptocurrencies. They do not encrypt or protect your data enough. They can also suffer from attacks or flaws that expose or change your data.

For more details about these incidents and their link to the crypto thefts, you can check these sources:

Therefore, you need a safer and more reliable solution to store and manage your cryptocurrencies: the cold wallet NFC HSM. It is a physical wallet that uses NFC technology to store and manage your private keys and recovery phrases offline, without internet connection or contact with a third party. The cold wallet NFC HSM uses patented technologies by Freemindtronic, an Andorran company specialized in security and protection of computer systems and information systems. These technologies are EviSeed and EviVault.

In the next section, we will explain how the cold wallet NFC HSM works and what are its advantages.

How the cold wallet NFC HSM works and what are its advantages

The cold wallet NFC HSM is a physical wallet that uses NFC (Near Field Communication) technology to store and manage your private keys and recovery phrases offline, without internet connection or contact with a third party. The cold wallet NFC HSM uses patented technologies by Freemindtronic, an Andorran company specialized in security and protection of computer systems and information systems. These technologies are EviSeed and EviVault.

EviSeed is a technology that allows you to backup your recovery phrases in an encrypted way on the NFC HSM support of your choice. EviSeed also generates a QR code containing your encrypted recovery phrase, which you can print, share, send or save between NFC HSM supports by scanning the QR code encrypted in RSA 4096. You can also exchange your encrypted recovery phrases in NFC Beam or proximity between phones by wifi or Bluetooth.

EviVault is a technology that allows you to store and manage your private keys on the NFC HSM support of your choice. It is designed to protect your sensitive data and transactions from unauthorized access or alteration. It can be used as a secure element for authentication, encryption, digital signature or blockchain applications.

The cold wallet NFC HSM offers several advantages over other cold wallets:

Simplicity

You do not need to write or engrave your recovery phrases or private keys, just scan them with the application developed by Freemindtronic that embeds the EviSeed or EviVault technologies dedicated to securing blockchain and cryptocurrency keys on your NFC Android smartphone and transfer them to the NFC HSM support of your choice.

Efficiency

You do not need to memorize or type your recovery phrases or private keys, just scan them with your smartphone to restore your wallet.

Durability

The NFC HSM support that you choose to store your recovery phrases or private keys can be resistant to water, fire, shocks and scratches. It does not deteriorate over time. It does not require battery or internet connection.

Security

The NFC HSM support uses a patented segmented key technology, which means that your private keys are divided into several parts that are distributed between the support, the application and your smartphone. Thus, even if one of the elements is compromised, your cryptocurrencies remain protected.

To use a cold wallet NFC HSM to secure your cryptocurrencies, you must follow these steps:

  • Download the application developed by Freemindtronic that embeds the EviSeed or EviVault technologies dedicated to securing blockchain and cryptocurrency keys on your NFC Android smartphone.
  • Create or import your cryptocurrency wallet on the application.
  • Scan your recovery phrase or private key with the application.
  • Choose the NFC HSM support on which you want to save your recovery phrase or private key: an EviVault compatible Keepser or an EviSeed compatible SeedNFC.
  • Transfer your encrypted recovery phrase or private key to the NFC HSM support.
  • To restore your wallet, scan again the NFC HSM support with the application.

To sum up, a cold wallet NFC HSM is a simple, efficient and durable way to secure your cryptocurrencies. Freemindtronic, an innovative and patented company, created this solution. You have full control over your private keys and recovery phrases with a cold wallet NFC HSM. You do not depend on an online service. It protects you from hackers, thieves or losses. You should use a cold wallet NFC HSM to protect your cryptocurrencies if you own them. You can order it on Freemindtronic’s website or from its partners.