Category Archives: News

image_pdfimage_print

RSA Encryption: How the Marvin Attack Exposes a 25-Year-Old Flaw

NFC HSM Devices and RSA 4096 encryption a new standard for cryptographic security serverless databaseless without database by EviCore NFC HSM from Freemindtronic Andorra
Marvin attack RSA algorithm & NFC HSM RSA-4096 by Jacques Gascuel: This article will be updated with any new information on the topic.

Decrypting Marvin’s Assault on RSA Encryption!

Simply explore the complex area of ​​RSA encryption and discover strategies to repel Marvin’s attack. This article examines the intricacies of RSA 4096 encryption, ensuring your cryptographic keys and secrets are protected. Discover an innovative NFC HSM RSA 4096 NFC encryption protocol, serverless and databaseless.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

How the RSA Encryption – Marvin Attack Reveals a 25-Year-Old Flaw and How to Protect Your Secrets with the NFC HSM Devices

RSA encryptionRSA encryption is one of the most widely used encryption algorithms in the world, but it is not flawless. In fact, a vulnerability of RSA encryption, known as the Marvin attack, has existed for over 25 years and could allow an attacker to recover the private key of a user from their public key. This flaw, which exploits a mathematical property of RSA encryption, was discovered in 1998 by the cryptographer Daniel Bleichenbacher, but it was never fixed or disclosed to the public. In the first part of this article, we will explain in detail how the Marvin attack works and what it means for the security of RSA encryption.

Moreover, NFC HSM and RSA 4096 represent a new dimension in cryptographic security. These technologies allow you to protect and use your cryptographic keys and secrets within a contactless device that communicates with your smartphone through NFC (Near Field Communication). The main advantage they offer is the formidable defense against cyberattacks, achieved by implementing state-of-the-art encryption algorithms and strong security protocols. You can discover more about the very simple functioning of NFC HSM devices for RSA 4096 encryption, as well as their multiple benefits, by reading until the end of this article. Moreover, we will highlight how Freemindtronic used the extreme level of safety of an NFC HSM device to establish, without contact and only on demand, a virtual communication tunnel encrypted in RSA-4096 without a server, without a database, from an NFC HSM device.

The Marvin Attack: Unveiling a 25-Year-Old RSA Flaw

Understanding the Marvin Attack

The Marvin attack targets the RSA algorithm, a foundational asymmetric encryption technique characterized by the use of two distinct keys: a public key and a private key. The public key serves to encrypt data, while the private key is responsible for decryption. These keys mathematically intertwine, yet revealing one from the other presents an exceedingly challenging task.

Named after Marvin the Paranoid Android from “The Hitchhiker’s Guide to the Galaxy,” this attack exploits a vulnerability in the RSA algorithm discovered by Swiss cryptographer Daniel Bleichenbacher in 1998. The vulnerability relates to the padding scheme that the RSA algorithm uses to introduce random bits into the data before encryption. The padding scheme has a design. It makes the encrypted data look random. It also thwarts attacks based on statistics. However, Bleichenbacher showed his ingenuity. He sent special messages to a server. The server used RSA encryption. By doing so, he could learn about the padding scheme. He could also recover the private key.

Implications of the Marvin Attack

The Marvin attack has profound implications for the security and confidentiality of your secrets. If an attacker successfully retrieves your private key, they gain unfettered access to decrypt all your encrypted data and compromise your confidential information. Furthermore, they can impersonate you by signing messages or executing transactions on your behalf.

The Marvin attack isn’t limited to a single domain; it can impact any system or application that uses RSA encryption with a vulnerable padding scheme. This encompasses web servers that employ HTTPS, email servers that use S/MIME, and blockchain platforms that rely on digital signatures.

Notably, NFC HSM devices that use RSA encryption for secret sharing are vulnerable to the Marvin attack. NFC HSM, short for Near Field Communication Hardware Security Module, is a technology facilitating the storage and utilization of cryptographic keys and secrets within contactless devices such as cards, stickers, or keychains. These devices communicate with smartphones via NFC, a wireless technology enabling short-range data exchange between compatible devices.

If an attacker intercepts communication between your NFC HSM device and smartphone, they may try a Marvin attack on your device, potentially recovering your private key. Subsequently, they could decrypt secrets stored within your device or gain access to your online accounts and services.

The Common Factor Attack in RSA Encryption

Understanding the Common Factor Attack

In the realm of RSA encryption, attackers actively exploit a vulnerability known as the Common Factor Attack. Here’s a concise breakdown:

1. Identifying Shared Factors

  • In RSA encryption, public keys (e, n) and private keys (d, n) play pivotal roles.
  • Attackers meticulously seek out common factors within two public keys, exemplified by (e1, n1) and (e2, n2).
  • Upon discovering a shared factor, their mission gains momentum.

2. Disclosing the Missing Factor

  • Once a common factor ‘p’ surfaces, uncovering its counterpart ‘q’ becomes relatively straightforward.
  • This is achieved through the simple act of dividing one key’s module by ‘p’.

3. Attaining Private Keys

  • Empowered with ‘p’ and ‘q,’ attackers adeptly compute private keys like ‘d1’ and ‘d2.’
  • This mathematical process involves modular inverses, bestowing them with access to encrypted content.

4. Decrypting Messages with Precision

  • Armed with private keys ‘d1’ and ‘d2,’ attackers skillfully decrypt messages initially secured by these keys.
  • Employing the formula ‘m = c^d mod n,’ they meticulously unlock the concealed content.

This simplified overview sheds light on the Common Factor Attack in RSA encryption. For a more comprehensive understanding, delve into further details here

Safeguarding Against the Marvin Attack

To fortify your defenses against the Marvin attack, it is imperative to employ an updated version of the RSA algorithm featuring a secure padding scheme. Secure padding ensures that no information about the encrypted data or private key is leaked. For example, you can adopt the Optimal Asymmetric Encryption Padding (OAEP) scheme, a standard endorsed by RSA Laboratories.

Additionally, utilizing a reliable and secure random number generator for generating RSA keys is essential. A robust random number generator produces unpredictable and difficult-to-guess random numbers, a critical element for the security of any encryption algorithm, as it guarantees the uniqueness and unpredictability of keys.

The Marvin attack, though a 25-year-old RSA flaw, remains a persistent threat capable of compromising the security of RSA-encrypted data and communications. Vigilance and adherence to cryptographic best practices are essential for shielding against this menace.

Choosing a trusted and certified provider of NFC HSM devices and RSA encryption services is equally pivotal. A reputable provider adheres to industry-leading security and quality standards. Freemindtronic, a company based in Andorra, specializes in NFC security solutions and has developed a plethora of technologies and patents grounded in NFC HSM devices and RSA 4096 encryption. These innovations offer a spectrum of advanced features and benefits across diverse applications.

In the following section, we will delve into why Freemindtronic has chosen to utilize RSA 4096 encryption in the context of the Marvin attack. Additionally, we will explore how Freemindtronic secures secret sharing among NFC HSM devices, elucidate the concept of NFC HSM devices, and unveil the advantages and benefits of the technologies and patents pioneered by Freemindtronic.

How Does RSA 4096 Work?

RSA 4096 is built upon the foundation of asymmetric encryption, employing two distinct keys: a public key and a private key. The public key can be freely disseminated, while the private key must remain confidential. These keys share a mathematical relationship, but uncovering one from the other poses an exceptionally daunting challenge.

RSA 4096 hinges on the RSA algorithm, relying on the formidable complexity of factoring a large composite number into the product of two prime numbers. RSA 4096 employs prime numbers of 4096 bits in size, rendering factorization virtually impossible with current computational capabilities.

RSA 4096 facilitates four primary operations:

  1. Encryption: Transforming plaintext messages into encrypted messages using the recipient’s public key. Only the recipient can decrypt the message using their private key.
  2. Decryption: Retrieving plaintext messages from encrypted ones using the recipient’s private key. Only the recipient can perform this decryption.
  3. Signature: Adding an authentication element to plaintext messages using the sender’s private key. The recipient can verify the signature using the sender’s public key.
  4. Signature Verification: Validating the authenticity of plaintext messages and their sender using the sender’s public key.

In essence, RSA 4096 ensures confidentiality, integrity, and non-repudiation of exchanged messages.

But how can you choose and utilize secure RSA keys? Are there innovative solutions available to bolster the protection of cryptographic secrets? This is the focal point of our next section, where we will explore the technologies and patents developed by Freemindtronic for RSA 4096 secret sharing among NFC HSM devices.

Technologies and Patents Developed by Freemindtronic for RSA 4096 Secret Sharing among NFC HSM Devices

Freemindtronic employs RSA 4096 to secure the sharing of secrets among NFC HSM devices, driven by a commitment to robust security and trust. RSA 4096 stands resilient against factorization attacks, the most prevalent threats to RSA encryption. It upholds the confidentiality, integrity, and non-repudiation of shared secrets.

Freemindtronic is acutely aware of the potential vulnerabilities posed by the Marvin attack. This attack can compromise RSA if the prime numbers used to generate the public key are too close in proximity. Therefore, Freemindtronic diligently adheres to cryptographic best practices when generating robust and random RSA keys. This involves using large prime numbers, usually larger than 2048 bits, and employing a dependable and secure random number generator Freemindtronic regularly validates the strength of RSA keys through online tools or other means and promptly replaces keys suspected of weakness or compromise.

In summary, Freemindtronic’s selection of RSA 4096 is informed by its robustness. This choice is complemented by unwavering adherence to cryptographic best practices. The incorporation of the EVI protocol bolsters security, ensuring the imperviousness of secrets shared among NFC HSM devices. This will be further elucidated in the following sections

Why Freemindtronic Utilizes RSA 4096 Against the Marvin Attack

Freemindtronic’s choice to utilize RSA 4096 for securing secret sharing among NFC HSM devices is grounded in its status as an asymmetric encryption algorithm renowned for delivering a high level of security and trust. RSA 4096 effectively resists factorization attacks, which are among the most prevalent threats against RSA encryption. It guarantees the confidentiality, integrity, and non-repudiation of shared secrets.

To address the potential consequences of the Marvin attack, Freemindtronic meticulously follows cryptographic best practices when generating strong and random RSA keys. The company employs prime numbers of substantial size, typically exceeding 2048 bits, in conjunction with a reliable and secure random number generator. Freemindtronic vigilantly validates the strength of RSA keys and promptly replaces them if any suspicions of weakness or compromise arise.

Moreover, Freemindtronic harnesses the power of the EVI (Encrypted Virtual Interface) protocol, which enhances RSA 4096’s security profile. EVI facilitates the exchange of RSA 4096 public keys among NFC HSM devices, introducing a wealth of security measures, including encryption, authentication, anti-cloning, anti-replay, anti-counterfeiting, and the use of a black box. EVI also enables the transmission of secrets encrypted with the recipient’s RSA 4096 public key, using the same mechanism.

In summary, Freemindtronic’s selection of RSA 4096 is informed by its robustness, complemented by unwavering adherence to cryptographic best practices. The incorporation of the EVI protocol bolsters security, ensuring the imperviousness of secrets shared among NFC HSM devices. This will be further elucidated in the following sections.

How Freemindtronic Utilizes RSA 4096 to Secure Secret Sharing Among NFC HSM Devices

Freemindtronic leverages RSA 4096 to fortify the security of secret sharing among NFC HSM devices, following a meticulously orchestrated sequence of steps:

  1. Key Generation: RSA 4096 key pairs are generated on each NFC HSM device, utilizing a dependable and secure random number generator.
  2. Public Key Exchange: The RSA 4096 public keys are exchanged between the two NFC HSM devices using the EVI (Encrypted Virtual Interface) protocol. EVI introduces multiple layers of security, including encryption, authentication, anti-cloning, anti-replay, anti-counterfeiting measures, and the use of a black box.
  3. Secret Encryption: The secret is encrypted using the recipient’s RSA 4096 public key, employing a hybrid encryption algorithm that combines RSA and AES.
  4. Secure Transmission: The encrypted secret is transmitted to the recipient, facilitated by the EVI protocol.
  5. Secret Decryption: The recipient decrypts the secret using their RSA 4096 private key, employing the same hybrid encryption algorithm.

Through this meticulous process, Freemindtronic ensures the confidentiality, integrity, and non-repudiation of secrets exchanged between NFC HSM devices. This robust approach thwarts attackers from reading, altering, or falsifying information protected by RSA 4096.

But what exactly is an NFC HSM device, and what communication methods exist for secret sharing among these devices? What are the advantages and benefits offered by the technologies and patents pioneered by Freemindtronic? These questions will be addressed in the subsequent sections.

What Is an NFC HSM Device?

An NFC HSM (Near Field Communication Hardware Security Module) is a specialized hardware security module that communicates wirelessly with an Android smartphone via NFC (Near Field Communication) technology. These devices come in the form of cards, stickers, or keychains and operate without the need for batteries. They feature EEPROM memory capable of storing up to 64 KB of data.

NFC HSM devices are designed to securely store and utilize cryptographic keys and secrets in an isolated and secure environment. They shield data from cloning, replay attacks, counterfeiting, or extraction and include an access control system based on segmented keys.

One prime example of an NFC HSM device is the EviCypher NFC HSM developed by Freemindtronic. This technology allows for the storage and utilization of cryptographic keys and secrets within a contactless device, such as a card, sticker, or keychain. EviCypher NFC HSM offers a range of features, including offline isolation, seamless integration with other technologies, and enhancements to the user experience. With its robust security measures and innovative features, EviCypher NFC HSM sets a new standard for secure communication and secret management in the digital realm.

Resistance Against Brute Force Attacks on NFC HSM

The RSA 4096 private key is encrypted with AES 256. Therefore, the user cannot extract it from the EEPROM memory. The NFC HSM has this memory. It also has other secrets in this memory. This memory is non-volatile. As a result, it can last up to 40 years without power. Consequently, any invasive or non-invasive brute force attack on NFC HSM is destined for failure. This is due to the fact that secrets, including the RSA private key, are automatically encrypted in the EEPROM memory of the NFC HSM using AES-256 with segmented keys of physical origin, some of which are externalized from the NFC HSM.

Real-Time Secret Sharing with EviCore NFC HSM

An intriguing facet of EviCore NFC HSM technology is its ability to facilitate real-time secret sharing without the need for a remote server or database. EviCore NFC HSM accomplishes this by encrypting secrets with the recipient’s randomly generated RSA 4096 public key directly on their NFC HSM device. This innovative approach to secret sharing eliminates the necessity for a trusted third party. Furthermore, EviCore NFC HSM executes these operations entirely in the volatile (RAM) memory of the phone, leaving no traces of plaintext secrets in the computer, communication, or information systems. As a result, it renders remote or proximity attacks, including invasive or non-invasive brute force attacks, exceedingly complex, if not physically impossible. Our EviCore NFC HSM technology is an Android application designed for NFC-enabled phones, functioning seamlessly with our NFC HSM devices. This application serves as both firmware and middleware, constituting an embedded system, offering optimal performance and compatibility with NFC HSM devices.

What Are the Advantages and Benefits of NFC HSM Devices and RSA 4096 Encryption?

NFC HSM devices and RSA 4096 encryption offer numerous advantages and benefits across various applications and domains. Some of these include:

  1. Enhanced Security and Trust: They bolster security and trust in the digital landscape through the utilization of a robust and efficient encryption algorithm that withstands factorization attacks.
  2. Simplified Key and Secret Management: They simplify the management and sharing of cryptographic keys and secrets by leveraging contactless technology for communication with Android phones via NFC.
  3. Improved Device Performance and Compatibility: They enhance device performance and compatibility by functioning as a firmware-like middleware embedded within an Android application for NFC-enabled phones.
  4. Enhanced User Experience: They improve the user experience of devices by offering features such as offline isolation, seamless integration with other technologies, and enhanced user experiences.

In summary, NFC HSMs and RSA 4096 encryption offer inventive and pragmatic answers to the escalating requirements for security and confidentiality in the digital sphere.

Communication Vulnerabilities 2023: Avoiding Cyber Threats

Person working on a laptop within a protective dome, surrounded by falling hexadecimal ASCII characters, highlighting communication vulnerabilities
The hidden dangers of communication vulnerabilities in 2023  by Jacques Gascuel: This article will be updated with any new information on the topic.

Beware of communication vulnerabilities in 2023

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In 2023, hackers will exploit the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. This article will explain the main types of communication vulnerabilities, their impact, and how to protect yourself from them.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

Communication Vulnerabilities in 2023: Unveiling the Hidden Dangers and Strategies to Evade Cyber Threats

2023 Security Vulnerabilities in Means of Communication

Communication is essential for individuals and professionals, but it is also exposed to many cyber threats. In 2023, several security breaches affected emails and messages, compromising the security of data, services, and users. These breaches showed the vulnerability of communication systems, which are exposed to increasingly sophisticated and targeted attacks. To protect themselves, users need to encrypt their data and communications with their own keys that they created and stored offline. One of the solutions that can help them achieve this is EviCypher NFC HSM technology by Freemindtronic.

The Reality of Security Breaches in Communication Systems

However, we wanted to highlight a disconcerting reality: users often found themselves defenseless against the hidden dangers of communication vulnerabilities in 2023 that festered beneath the surface for long periods of time. Unaware of these current, imminent or future risks, they unwittingly provided gateways to espionage activities, whether motivated by legitimate or malicious intentions. These vulnerabilities enabled a relentless cycle of cyber victimization, perpetuating the very threats they aimed to mitigate.

For example, iCloud Email operated without end-to-end encryption from its launch in 2011 until December 2022 – a troubling reality that put users in a vulnerable position, their security at the mercy of external factors they could not control.

Another example, several reports by the Citizen Lab have revealed the existence and the use of Pegasus spyware developed by the Israeli company NSO Group, which sells its services to governments and private actors to spy on targets around the world. Moreover, several investigations by the consortium Forbidden Stories have revealed that more than 50,000 phone numbers have been selected as potential targets by NSO Group’s clients, including heads of state, journalists, human rights activists, etc.

Among the most recent examples of these vulnerabilities, we can mention the cyberattack against the US State Department, which was attributed to hackers linked to China.

Chinese hackers hacked 60,000 emails from the US State Department

In March 2023, Chinese hackers hacked 60,000 emails from the US State Department. Some of them were very sensitive to national security and foreign affairs. They used a Microsoft Exchange flaw named Log4Shell. This vulnerability allows hackers to remotely execute malicious code on servers that use this software. It affects millions of servers worldwide. Senator Mark Warner revealed the attack and criticized the lack of transparency and security of the State Department. He called for strengthening cooperation between government agencies and the private sector to cope with cyberthreats. This attack is part of a context of rising tensions between the US and China, who accuse each other of espionage and sabotage on cyberspace.

The other sensitive organs targeted by the attack

Besides the State Department emails, the attack also targeted other sensitive organs, such as:

  • The Bureau of the Coordinator for Cyber Issues, which is responsible for coordinating the State Department’s efforts to prevent and respond to cyberattacks.
  • The Bureau of Consular Affairs, which is in charge of issuing passports and visas, as well as protecting US citizens abroad.
  • The Bureau of Intelligence and Research, which provides analysis and assessments on foreign policy and national security issues.

These sensitive organs hold confidential or personal information that could be used by the Chinese hackers for espionage, blackmail or sabotage. For example, the hackers could access the biometric data of visa applicants, the reports of intelligence agents or the action plans in case of crisis.

The security flaw exploited by the Chinese hackers

The most serious thing is that some servers that were hacked by the Chinese had not been updated with the patch released by Microsoft on December 10, 2022. This shows that the updates are not automatic and that they have to be installed manually. This also shows the lack of responsiveness and vigilance of the IT security managers. They let the Chinese hackers exploit this flaw before it was fixed by Microsoft, who released security updates. Indeed, this cyberattack shows the vulnerability of communication systems and the need to protect them effectively.

A Case of Satellite Messaging Security Vulnerability

Satellite messaging is a means of communication that allows the transmission of electronic messages or calls via a network of artificial satellites. It is used by professionals and individuals in areas with no cellular coverage or those seeking discreet communication. However, satellite messaging is not immune to security vulnerabilities that can compromise data confidentiality and integrity.

In September 2023, a team of cybersecurity researchers uncovered a significant security vulnerability in the Bullitt satellite messaging service. This vulnerability allowed hackers to read and modify messages sent and received by users, as well as access their personal information, including GPS coordinates and phone numbers. Hackers could also impersonate users by sending messages on their behalf. The vulnerability was found in the PubNub-Kotlin API used by the Bullitt Messenger app to manage communication between devices and the service’s servers. Despite alerting Bullitt, the service provider, about this vulnerability, the researchers received no satisfactory response.

This security flaw poses a high risk to satellite messaging users, as their data can be exposed or manipulated by hackers.

Security Vulnerabilities in Communication Systems: A Closer Look

2023 Security Flaws in Communication Channels is a paramount concern for individuals and organizations across the globe. Hackers frequently exploit vulnerabilities within communication protocols and services to launch attacks that can compromise data confidentiality, integrity, and availability. To illustrate the magnitude and gravity of this issue, we have compiled statistics based on our web research:

Security Vulnerabilities in Emails

Emails serve as a central vector for cyberattacks, representing a significant portion of security incidents, with up to 91% of reported incidents, as per cybermalveillance.gouv.fr. Among these email-targeted threats, ransomware attacks are the most prevalent, comprising 25% of reported security incidents. Additionally, it’s striking to note that 48% of malicious files attached to emails are Microsoft Office documents. These statistics underscore the critical importance of implementing robust security measures for emails to guard against evolving threats.

Furthermore, an analysis conducted by the Verizon Data Breach Investigations Report for 20232 highlights that emails remain the primary variety of malicious actions in data breaches, underscoring their continued relevance as a vector for cyberattacks.

However, it is essential to note that email-specific vulnerabilities can vary based on factors such as email protocol vulnerabilities, server configuration errors, human mistakes, among others.

Security Vulnerabilities in Encrypted Messaging Services

Encrypted messaging services like Signal, Telegram, or WhatsApp are not immune to security vulnerabilities, which can compromise message and file confidentiality, integrity, and availability. In March 2023, Cellebrite, an Israeli data extraction company, claimed to have successfully decrypted messages and files sent via Signal. In June 2023, Google disclosed a vulnerability in its RCS service that allowed hackers to send fraudulent messages to Android users, containing malicious links redirecting victims to compromised websites.

Security Vulnerabilities in Communication Protocols

Communication protocols such as SMTP, RCS, or SMS are also susceptible to security vulnerabilities that can enable hackers to intercept, modify, or spoof messages and calls. SS7 vulnerabilities involve attacks exploiting the vulnerabilities of the SS7 protocol, used to establish and terminate telephone calls on digital signaling networks. These attacks can allow hackers to intercept, modify, or spoof voice and SMS communications on a cellular network. In January 2023, a hacking group named Ransomware.vc launched a data extortion campaign targeting organizations using the Progress MOVEit file transfer tool. The hackers exploited an SS7 vulnerability to intercept verification codes sent via SMS to MOVEit users, gaining access to sensitive data. In February 2023, the Ukrainian power grid was hit by a new malware called Industroyer2, attributed to Russian hackers. The malware used an SS7 vulnerability to take control of network operator phone calls, disrupting electricity distribution in the country. In March 2023, Samsung suffered a data breach that exposed the personal and financial information of millions of customers. The breach was caused by an SS7 vulnerability that allowed hackers to access SMS messages containing online transaction confirmation codes.

An Overview of Security Vulnerabilities in Communication Systems

Communication systems exhibit various vulnerabilities, with each element susceptible to exploitation by hackers. These weaknesses can have severe consequences, including financial losses, damage to reputation, or national security breaches.

  • Protocols: Communication protocols, like Internet Protocol (IP), Simple Mail Transfer Protocol (SMTP), Signaling System 7 (SS7), and Rich Communication Services (RCS), can contain security vulnerabilities. These vulnerabilities enable hackers to intercept, modify, or spoof communications on the network. For instance, an SS7 vulnerability allows hackers to eavesdrop on phone calls or read SMS messages on a cellular network.
  • Services: Network services, such as messaging, cloud, streaming, or payment services, possess their own vulnerabilities. These vulnerabilities may permit hackers to access, modify, or delete data within the service. For instance, a vulnerability in an encrypted messaging service enables hackers to decrypt messages or files sent via the service.
  • Applications: Software applications, including web, mobile, desktop, or IoT applications, are prone to security vulnerabilities. These vulnerabilities empower hackers to execute malicious code on a user’s device or gain control of the device itself. For example, a vulnerability in a web application allows hackers to inject malicious code into the displayed web page.
  • Devices: Physical devices, such as computers, smartphones, tablets, or IoT devices, feature their own set of security vulnerabilities. These vulnerabilities can enable hackers to access the device’s data or functionalities. For instance, a vulnerability in a smartphone grants hackers access to the device’s camera, microphone, or GPS.

In conclusion, the multitude of security vulnerabilities in communication systems presents a significant challenge to all stakeholders. Protecting against these vulnerabilities and enhancing cybersecurity is essential to safeguard sensitive data and infrastructure.

How communication vulnerabilities exposed millions of users to cyberattacks in the past years

Communication is essential for our personal and professional lives, but it also exposes us to cyber threats. In the past years, hackers exploited the hidden dangers of communication vulnerabilities to steal data, disrupt services, and spy on users. These vulnerabilities affected software and services widely used, such as Log4j, Microsoft Exchange, Exim, Signal, Telegram, or WhatsApp. Some of these vulnerabilities have been fixed, while others remain active or in progress. The following table summarizes the main communication vulnerabilities in the past years, their impact, and their status.

Name of the breach Type of breach Impact Status Date of discovery Date of patch
Log4j Command injection Control of servers and Java applications Fixed November 24, 2021 December 18, 2021
Microsoft Exchange Remote code execution Data theft and backdoor installation Fixed March 2, 2021
Exim Multiple vulnerabilities Control of email servers June 5, 2020
Signal Denial of service Blocking of messages and calls Fixed May 11, 2020 May 15, 2020
Telegram Deserialization Access to messages and files Fixed January 23, 2021
WhatsApp QR code spoofing Account hacking Fixed October 10, 2019
File-based XSS Code injection Execution of malicious code in the browser Not fixed December 17, 2020 N/A
RCS QR code spoofing Interception, modification or spoofing of messages and calls Not fixed June 17, 2020 N/A
SMS SIM swap fraud Account takeover and identity theft Active or in progress
MMS Stagefright vulnerability Remote code execution and data theft Fixed July 27, 2015 August-September 2015
SolarWinds Orion Supply chain compromise Data theft and backdoor installation Fixed December 8, 2020 February 25, 2023
API PubNub-Kotlin Privilege escalation by deserialization of untrusted data Arbitrary command execution on SolarWinds Platform website Fixed February 8, 2022 April 19, 2023
SS7 Multiple vulnerabilities Data theft, interception, modification or blocking of communications, location tracking or spoofing, fraud Active or in progress 2014 N/A

This table provides a concise overview of the hidden dangers of communication vulnerabilities in 2023, their types, impacts, and current statuses.

EviCypher NFC HSM: The technology that makes your communications invulnerable to security breaches

Security vulnerabilities in the means of communication pose a high risk to users, including satellite messaging, as their data can be exposed or manipulated by hackers. Therefore, effective protection against this threat is essential. This is precisely where the EviCypher NFC HSM technologies mentioned in this article come in as an innovative and secure solution.

EviCypher NFC HSM Technology for Messaging Protection

EviCypher NFC HSM technology is a solution that enables contactless encryption and decryption of data using an NFC card. It employs a hardware security module (HSM) that securely stores encryption keys. It is compatible with various communication services, including emails, SMS, MMS, satellite messaging, and chats.

To use EviCypher NFC HSM technology, simply pair the NFC Card, to an NFC-enabled Android phone and activate it with your fingerprint. Messages sent and received through messaging services are encrypted and decrypted using the NFC card. Only the card owner can access their messages and files. No one can intercept or alter them, even if the  service is compromised by a security vulnerability.

EviCypher NFC HSM technology offers optimal protection for commincation, ensuring data confidentiality and integrity. It also safeguards against other types of security vulnerabilities that may affect communication methods, such as Log4Shell or SolarWinds. It is a simple, effective solution that requires no change in user habits.

What is EviCypher NFC HSM technology?

EviCypher NFC HSM technology is a contactless encryption technology that uses hardware security modules (HSM) devices that communicate via NFC (Near Field Communication) protocols. These devices are EviTag and Evicard, which are small and portable devices that can be attached to a keychain or a card holder. They allow users to store and manage their keys and secrets securely, without relying on third-party services or cloud storage.

How does EviCypher NFC HSM technology work?

EviCypher NFC HSM technology works by encrypting and decrypting data and communications with the user’s own keys that they created and stored offline. The user can use the devices for various applications, such as encrypting emails, messages or files.

To use NFC HSMs, the user must first pair it with their phone. He chooses the option of encryption or decryption on his phone, writes or reads his messages on his phone. Encryption and decryption operations are performed from the NFC HSM itself, without exposing keys or secrets to the phone. The same operation is available on computer via a phone-paired web extension and using the NFC HSM.

Why is EviCypher NFC HSM technology secure and reliable?

EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It enables to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

How can EviCypher NFC HSM technology protect you from security breaches?

EviCypher NFC HSM technology can protect you from security breaches by encrypting your data and communications in advance in volatile memory before sending them encrypted without ever keeping the message in clear automatically destroyed and replaced by its encrypted version in AES 256 symmetry considered post quantum. Thus, even if there are security flaws the messages and emails and their attachments remain always encrypted. This can be done from an Android NFC phone and/or from the Freemindtronic extension.

This way, you can avoid being exposed to past, present or future security vulnerabilities, since the encryption is done on the device itself, without exposing the keys or secrets to the phone or computer. Even if your phone or computer is compromised by a hacker or a spyware, they cannot access your data or messages in clear text. Only you can decrypt them with your device and your PIN code.

EviCypher NFC HSM technology is an innovative solution that offers a high level of security and privacy for your communication systems. It is developed by Freemindtronic, an Andorran company specialized in NFC security. It is based on EviCore NFC HSM technology, which is a hardware security module that combines hardware encryption and NFC communication protocols.

In conclusion, the EviCypher NFC HSM technology is integrated into a hardware security module that stores encrypted secrets, such as encryption keys, in the highly secure NFC eprom memory. It allows to encrypt contactless communications upstream, in post-quantum AES 256, before sending them. It is thus secure and reliable, because it encrypts the data before transmitting them without ever keeping the message in plain text.

ZenRAT: The malware that hides in Bitwarden and escapes antivirus software

ZenRAT The-malware-that hides in Bitwarden-and escapes antivirus-software edit by freemindtronic from Andorra
ZenRAT Malware  by Jacques Gascuel: This article will be updated with any new information on the topic.

***

**

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

How this malware hides in Bitwarden and escapes antivirus software to steal your information

ZenRAT is a new malicious software that targets Windows users and hides in fake installation packages of Bitwarden, a popular and secure password manager. This remote access trojan (RAT) was discovered by Proofpoint, a company specialized in cybersecurity. ZenRAT aims to steal sensitive information from users, such as their credentials, passwords, IP addresses or browser data.

How does ZenRAT hide in Bitwarden?

ZenRAT uses a social engineering technique to trick users and make them download a fake installation package of Bitwarden. The malicious website that hosts the file looks very similar to the official Bitwarden website, but it uses a different domain name. The downloaded file contains an executable named ZenRAT, which installs discreetly on the victim’s computer and starts collecting and sending their personal information to a command and control server.

ZenRAT hides in Bitwarden to take advantage of its popularity and credibility, as it is used by millions of users worldwide. By imitating the website and logo of Bitwarden, ZenRAT hopes to attract users who are looking for downloading or updating this software, and to convince them that they are on the official website. Thus, ZenRAT can induce users to install the malicious file without suspicion.

This identity theft technique is commonly used by cybercriminals to spread malware under the guise of legitimate applications. Users should therefore be careful to only download software from a reliable source, and to check the domain name of the website. They should also be wary of advertisements in search engine results, which can be a major vector of infection.

What are the technical means used by ZenRAT to achieve its goals and protect itself?

ZenRAT uses several technical means to achieve its goals and protect itself from protection systems. Among these means, we can mention:

  • Encryption: It encrypts the data it steals and sends to the command and control server, using an AES algorithm with a randomly generated key. Thus, ZenRAT makes it harder to detect and analyze its network traffic by antivirus or firewall software.
  • Polymorphism: ZenRAT changes its appearance and behavior regularly, using techniques such as packing, obfuscation or mutation. Thus, ZenRAT escapes the static signatures of antivirus or intrusion detection software.
  • Geofencing: It checks the geographical location of the infected computer, using the IP address or browser data. If the computer is located in an area that does not interest the hacker, such as Russia or China, ZenRAT stops and uninstalls itself. Thus, ZenRAT reduces the risk of being discovered or analyzed by security researchers.
  • Anti-virtualization: ZenRAT detects if the infected computer is a virtual machine or a sandbox, using indicators such as the name of the CPU, GPU, RAM or hard disk. If so, ZenRAT stops and uninstalls itself. Thus, ZenRAT avoids being studied or neutralized by security experts.
  • QR codes: Malware Rat uses QR codes to communicate with its command and control server, using a dedicated mobile application. Thus, ZenRAT bypasses network filters or proxies that could block its traffic. The QR codes contain encrypted and compressed data, which are decoded and executed by the malware on the infected computer.
  • Password generator: ZenRAT uses a password generator to create random and strong passwords, which it uses to access online accounts of users. Thus, ZenRAT increases its chances of succeeding in brute force or dictionary attacks, and makes it more difficult for users to change or reset their passwords.

These technical means show that ZenRAT is a sophisticated and adaptable malware, which can circumvent or resist various forms of defense. They also testify to the malicious intent of the hacker, who seeks to maximize his impact and minimize his traceability.

Why is RAT a serious threat?

ZenRAT is a serious threat for the security and privacy of Internet users, because it steals personal and confidential information, which can be used to access sensitive services, identify and track users, analyze their habits and preferences, or inject malicious advertisements or spyware. It uses various technical means to spread and hide itself, and it escapes antivirus and security software.

ZenRAT has not yet been widely studied or detected by antivirus or security software. According to Proofpoint, the detection rate of the malicious file on VirusTotal was less than 10% at the time of their analysis. Other sources confirm that ZenRAT is a little-known and rare malware. It is therefore important to be vigilant and only download software from a reliable source, checking the domain name of the website.

ZenRAT is also a malware that specifically targets Windows users, who represent the majority of operating systems in the world. According to StatCounter, Windows had a market share of 72% in September 2023. This means that ZenRAT can potentially infect more than a billion Windows computers worldwide. Moreover, ZenRAT attacks Bitwarden users, a password manager that has more than 25 million users worldwide. By stealing their passwords, ZenRAT can access their online accounts and compromise their security.

Here is a summary table of the main characteristics of ZenRAT:

Attribute Details
Name ZenRAT
Type Remote Access Trojan (RAT)
Platform Windows
Infection Method Fake Bitwarden installation packages
Objective Steal sensitive user information
Technical Means Encryption, polymorphism, geofencing, anti-virtualization, QR codes, password generator
Detection Rate Below 10% on VirusTotal
Main Source Proofpoint1
Associated Threats Typosquatting, phishing, credential theft
Targeted Service Bitwarden password manager
Date of Discovery August 2023
Malicious Email Campaigns Several, targeting organizations across various sectors
Associated Malicious Domains bitwariden[.]com, crazygameis[.]com, obsproject[.]com, geogebraa[.]com
Dedicated Mobile Application ZenRAT Scanner
Fake Installers Bitwarden-Installer-version-2023-7-1.exe, CertificateUpdate-version1-102-90
Signed by Falsely claimed to be signed by Tim Kosse
Copy of Executable Location ApplicationRuntimeMonitor.exe stored in C:Users[username]AppDataRoamingRuntime Monitor
Collected Data CPU Name, GPU Name, OS Version, Installed RAM, IP Address & Gateway, Installed Antivirus, Installed Applications
C2 Communication Server IP: 185[.]186.72.14. Custom C2 protocol used
Unique Features Checks: IsBlockedRegion, IsMutex, IsSmallDisk, IsDetectVM. Logs sent in plain text to C2 server
Indicators of Compromise Several IP addresses and domains, as well as a list of SHA256 for associated files

ZenRAT is therefore a malicious software that attacks strategically Windows operating systems, hiding in fake installation packages of Bitwarden. It uses various technical means to spread and hide itself, and aims to steal sensitive information from users. It represents a serious threat for the security and privacy of Internet users.

Freemindtronic’s Legacy: Rediscovering Excellence

Freemindtronic's Legacy: Rediscovering Excellence

Freemindtronic’s Legacy by Jacques Gascuel: This article will be updated with any new information on the topic.  

Breaking News: Rediscover Excellence with Freemindtronic’s Technological Heritage!

In this exclusive preview, at Freemindtronic, we take immense pride in inviting you to delve into our pioneering legacy in the realm of extreme security. Discover how our company not only reshapes the technological landscape but also has the potential to establish new industry standards in the captivating world of advanced nanotechnology and electronic cyber protection.

2024 Articles Cyberculture legal Legal information News

End-to-End Messaging Encryption Regulation – A European Issue

2024 Eurosatory Events Exhibitions Press release

Eurosatory 2024 Technology Clusters: Innovation 2024 DataShielder Defence

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Articles Cardokey EviSwap NFC NDEF Technology GreenTech Technical News

NFC vCard Cardokey: Revolutionizing Digital Networking

2024 Crypto Currency Cryptocurrency Cyberculture Legal information

EU Sanctions Cryptocurrency Regulation: A Comprehensive Overview

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Cyberculture Legal information

Encrypted messaging: ECHR says no to states that want to spy on them

2024 Articles Digital Security News

BitLocker Security: Safeguarding Against Cyberattacks

Resurrecting Excellence: Freemindtronic’s Legacy in Nanotechnology and the ‘Fullprotect’ Revolution

In 2013, Freemindtronic, a visionary enterprise founded in 2010, celebrated its nomination as a finalist for the prestigious “electron d’Or” award and its recognition as one of the top 10 most innovative mechatronics startups, earning the esteemed European Mechatronics Award. These accolades marked pivotal moments for Freemindtronic, showcasing its groundbreaking ‘Fullprotect’ technology and pioneering contributions to electronic innovation.

A New Chapter Begins with Freemindtronic SL Andorra – Resurrecting Excellence

Freemindtronic SL Andorra, the custodian of a global exclusive patent license for this groundbreaking technology, is embarking on a new chapter. Even though the partnership between STMicroelectronics and Freemindtronic SAS prematurely concluded just before the production of the first FullProtect component, Freemindtronic SL Andorra’s commitment to the project of creating nanotechnological components enters a new dynamic, as we explore new avenues for development.

Nanotechnology Components: A Resilient Legacy – Freemindtronic’s Technological Excellence

The journey begins with the creation of a range of miniaturized electronic components using nanotechnology. Freemindtronic SAS France’s primary objective was to create a range of miniaturized electronic components utilizing nanotechnology. This included the development of the first product range for direct current, covering 5 volts, 12 volts, and 8 volts to 48 volts, in collaboration with STMicroelectronics. This technology has the potential to revolutionize electronic systems, enhance performance, and set new industry standards. While the partnership with STMicroelectronics may have ended, Freemindtronic SL Andorra’s commitment to nanotechnology components remains unyielding, as we seek new avenues for development.

Rekindling Electronic System Protection – Innovating with ‘Fullprotect’

But the heart of the revival lies in the resurrection of ‘Fullprotect,’ the revolutionary technology that redefined electronic system protection. This innovation was designed to safeguard electronic systems from electrical and environmental threats while meticulously recording random events within an immutable “Evidence Box.” It was, and remains, a game-changer in the realm of electronic protection.

A Comprehensive Vision – The Vision of Freemindtronic

This synergy presents a comprehensive vision where technology converges to provide holistic solutions. Freemindtronic’s ‘Fullprotect’ technology sets the stage for a secure and efficient electronic landscape.

Expanding Horizons with Global Patents – International Patents and Innovations

Advantageously, Freemindtronic’s innovation, Argos One NFC, based on the patent FR2941572, is not an isolated triumph. It seamlessly integrates with the company’s other innovations in the realms of safety and cybersecurity, both of which hold international patents.

The Evolution of EviKey NFC HSM – EviKey NFC HSM: A Technological Evolution

An excellent example of this evolution is EviKey NFC HSM. It represents the discreet version of several other patented NFC HSM technologies by Freemindtronic SL Andorra, including EviCore, EviPass, EviSeed, EviVault, EviSign, EviOTP, EviPC, EviKeyboard, and EviCypher, with silicon integration on the horizon. This exemplifies Freemindtronic’s unwavering commitment to pushing the boundaries of electronic protection and innovation.

Rediscover Excellence with Freemindtronic – Join Us in Rediscovering Excellence

Join us in rediscovering the illustrious journey of Freemindtronic, a legacy of innovation in nanotechnology components and the ‘Fullprotect’ revolution. Together, we’re reigniting the flame of excellence and pioneering the future of electronic protection.

How to secure your SSH key with NFC HSM USB Drive EviKey

NFC HSM USB drive SSH Contactless keys manager EviKey NFC & EviCore NFC HSM Compatible Technologies patented from Freemindtronic Andorra Made in France - JPG

How to Create and Store Your SSH Key Securely with EviKey NFC HSM USB Drive

NFC HSM USB Drive EviKey revolutionizes SSH key storage in our digital era. In a world teeming with cyber threats, safeguarding SSH keys remains paramount. Yet, striking a balance between top-notch security and effortless access often poses challenges. The answer? EviKey’s groundbreaking NFC HSM USB technology. Throughout this guide, we’ll uncover how EviKey stands out, ensuring robust security without forsaking user convenience. So, whether you’re a seasoned tech expert or just beginning your cybersecurity journey, dive in. You’re about to discover the next big thing in digital key storage.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

How to create and protect your SSH key with NFC HSM USB drive

The NFC HSM USB drive is a device that allows you to create and store your SSH key securely with EviKey technology. EviKey is a patented technology that encrypts your SSH key with a secret code that only you know and that is stored in a NFC tag embedded in the device. You will need to scan the NFC tag with your smartphone or another NFC reader to unlock your SSH key and use it for SSH sessions. You will also learn how to customize the security settings of your device and how to backup and restore your SSH key.

SSH: A secure protocol for remote communication

SSH, or Secure Shell, is a cryptographic protocol that allows you to establish a secure communication between a client and a server. SSH is often used to remotely administer servers, execute commands or transfer files. To connect to a server via SSH, there are two authentication methods: password or public key.

Password authentication: simple but insecure

Password authentication is the simplest method, but also the least secure. Passwords can be easily guessed, stolen or intercepted by attackers. Moreover, you have to remember your password and enter it every time you connect.

Public key authentication: advanced and secure

Setting up public key authentication for SSH

Public key authentication is a more secure and convenient way to access remote servers than using passwords. To set it up, you will need to generate a pair of keys, one public and one private, and copy the public key to the server you want to connect to. The private key will stay on your local machine and will be used to authenticate yourself when you initiate an SSH session. You will also learn how to use a passphrase to protect your private key from unauthorized access.

Advantages and constraints of public key authentication

Public key authentication: benefits and challenges

Using public key authentication for SSH has many benefits and challenges. Some of the benefits are: increased security, reduced risk of brute force attacks, and a streamlined login process. Some of the challenges are: managing multiple keys, ensuring the integrity of the public key, and recovering from lost or stolen private key. You’ll also learn some best practices for overcoming these challenges and protecting your SSH keys.

Public key authentication has several advantages:

  • Compared to password authentication, public key authentication offers a higher level of security. It also avoids typing your password every time you connect. In addition, it allows you to automate processes that require an SSH connection; such as scripts or orchestration tools.

However, public key authentication also involves certain constraints:

  • You have to deal with some constraints when you use public key authentication. For each client and each server, you have to generate a pair of keys; copy the public key on the server in a special file called ~/.ssh/authorized_keys; and protect the private key against any loss or compromise.

EviKey NFC HSM USB drive: A solution to store your SSH key securely

To overcome these constraints, there is a solution: using an EviKey NFC HSM technology to store your private SSH key physically externalized. EviKey NFC HSM USB drive is a hardware device that allows you to store sensitive data in a secure flash memory, which can only be unlocked with a contactless authentication via a smartphone compatible with NFC (Near Field Communication). It offers several advantages:

  • The EviKey NFC HSM USB drive allows you to keep your private SSH key outside of the hard disk of the client. This reduces the risks of theft or unauthorized access. You can also unlock your private SSH key without typing a password or a passphrase; you just have to approach your smartphone to the NFC HSM USB drive. Moreover, the device offers an industrial level of security equivalent to SL4 according to the standard IEC 62443-3-3.

EviKey NFC HSM: A technology developed by Freemindtronic SL

There are several models and brands of NFC HSM USB drives on the market, but in this tutorial, we will focus on the EviKey NFC HSM technology, developed by Freemindtronic SL, an Andorran company specialized in cybersecurity. EviKey NFC HSM is compatible with all operating systems (Linux, Windows, macOS, Android) and can be used with three free Android applications: Evikey & EviDisk, Fullkey Plus and Freemindtronic (FMT). These applications allow you to manag the NFC HSM USB drives, to create and restore backups, to encrypt and decrypt files, and to authenticate via SSH.

How to create an SSH key and use it with a NFC HSM USB drive

In this tutorial, we will show you how to create an SSH key under different operating systems, how to use a NFC HSM USB drive to store your private SSH key physically externalized, and how to use the public SSH key to authenticate locally, on a computer or on a server.

Prerequisites

The following are required to follow this tutorial:

  • A computer or a smartphone with an operating system among Linux, Windows, macOS or Android.
  • An internet connection.
  • A NFC HSM USB drive.
  • One of the three Android applications mentioned above installed on your smartphone.
  • A remote server that you want to connect to via SSH.

Creating an SSH key

The first step to use public key authentication is to generate a pair of SSH keys (private and public) on your computer or smartphone. To do this, you can use a special utility called ssh-keygen, which is included with the standard OpenSSH suite. By default, this utility will create a pair of RSA keys of 3072 bits.

The procedure to create an SSH key varies depending on the operating system that you use. Here is how to do it for each case:

  • Linux

    • Open a terminal and type the following command: ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    • This command will create a new pair of SSH keys using your email as a label.
    • You can choose the location and name of the file where to save your private key, as well as a passphrase to protect it.
    • By default, the files are named id_rsa and id_rsa.pub and are stored in the ~/.ssh directory.
  • Windows

    • Download and install the PuTTYgen software from the official website [2].
    • Launch PuTTYgen and click on the Generate button.
    • You will have to move the mouse over the blank area to create some entropy.
    • Once the key is generated, you can enter a comment (for example your email) and a passphrase to secure it.
    • Then, you will have to save your public key and your private key in separate files by clicking on the Save public key and Save private key buttons.
  • macOS

    • The procedure is similar to Linux.
    • Open a terminal and type the following command: ssh-keygen -t rsa -b 4096 -C "your_email@example.com"
    • SSH keygen will create a new pair of SSH keys using your email as a label.
    • You can choose the location and name of the file where to save your private key, as well as a passphrase to protect it.
    • By default, the files are named id_rsa and id_rsa.pub and are stored in the ~/.ssh directory.
  • Android

    • Download and install the ConnectBot application from the Play Store [5].
    • Open ConnectBot and press the Menu button.
    • Select Manage Pubkeys.
    • Press the Menu button again and select Generate.
    • Choose the type of key (RSA or DSA) and the size of the key (2048 bits or more).
    • Enter a nickname for your key and press Generate.

Using a NFC HSM USB drive

Once you have created your pair of SSH keys, you have to move the private SSH key into the flash memory of the NFC HSM USB drive. To do this, you have to plug the NFC HSM USB drive into the USB port of your computer or smartphone, and use the following command:

sudo mv ssh_private_key /usb_directory

This command will move the file containing your private SSH key (for example id_rsa or private.ppk) to the directory corresponding to the NFC HSM USB drive (for example /media/evikey or /storage/evikey). You have to replace ssh_private_key and /usb_directory with the appropriate names according to your case.

Once you have moved your private SSH key into the NFC HSM USB drive, you can lock it contactlessly with your smartphone. To do this, you have to use one of the three Android applications that embed the EviKey NFC HSM technology: Evikey & EviDisk, Fullkey Plus or Freemindtronic (FMT). Here is how to do it for each application:

With Evikey & EviDisk or Fullkey Plus or Freemindtronic (FMT) Android NFC app

  • Open the application on your smartphone.
  • Select the NFC HSM USB drive that you want to lock.
  • Press the Lock button.
  • Approach your smartphone to the NFC HSM USB drive to lock the access to the flash memory.

Authentication via SSH with a NFC HSM USB drive

You have prepared your NFC HSM USB drive and copied your public SSH key on the computer or remote server that you want to connect to via SSH. Now you can authenticate via SSH with the NFC HSM USB drive. Here are the steps to follow:

  • Plug the NFC HSM USB drive into the USB port of the smartphone
  • Open the Android application of your choice
  • Select the option “SSH Authentication”
  • Enter the information of the computer or remote server (IP address, port, username)
  • Select the private SSH key stored in the NFC HSM USB drive
  • Approach your smartphone to the NFC HSM USB drive to unlock the access to the flash memory
  • Validate the SSH connection
  • Access the terminal of the computer or remote server

The method allows you to authenticate locally, on a computer or on a server. Here are some examples of use cases:

Local authentication

You can use the NFC HSM USB drive to authenticate locally on your own computer or smartphone. That can be useful if you want to execute commands as another user, for example root or sudo. To do that, you have to enter the information of your computer or smartphone as IP address, port and username. For example:

ssh -p 22 root@127.0.0.1

It command will connect you via SSH to your local computer as root, using port 22 and IP address 127.0.0.1. It is a special address that always designates the local host. You will have to approach your smartphone to the NFC HSM USB cdrive to unlock your private SSH key and validate the connection.

Computer authentication

With the NFC HSM USB drive, you can authenticate on another computer that you have access to on the network. Such can be useful if you want to access files or programs that are stored on that computer, or if you want to perform maintenance or troubleshooting operations remotely. To do such, you have to enter the information of the computer that you want to connect to as IP address, port and username. For example:

ssh -p 22 alice@192.168.1.10

Local SSH will connect you via SSH to the computer whose IP address is 192.168.1.10, using port 22 and username alice. You will have to approach your smartphone to the NFC HSM USB drive to unlock your private SSH key and validate the connection.

Server authentication

The EviKey NFC HSM USB drive lets you authenticate on a remote server that you have access to via the internet. This can be useful if you want to administer a website, a database, a cloud service or any other type of server. To do this, you have to enter the information of the server that you want to connect to as IP address, port and username. For example:

ssh -p 22 bob@54.123.456.78

That command will connect you via SSH to the server whose IP address is 54.123.456.78, using port 22 and username bob. You will have to approach your smartphone to the NFC HSM USB drive to unlock your private SSH key and validate the connection.

Comparison of Secure Storage Solutions for SSH Keys

EviKey NFC HSM USB Drive: Redefining the Paradigm

The search for dependable, efficient, and secure storage for SSH private keys has evolved from a mere task to a pivotal mission. In a digital landscape riddled with threats, the EviKey NFC HSM USB drive emerges, not merely as a product but as a groundbreaking shift towards cybersecurity, regulatory compliance, and user-friendliness.

Cybersecurity and Safety: A Synergy

Combining cybersecurity (safeguarding digital assets) and safety (protecting the device itself) is a hallmark of the EviKey NFC HSM USB drive. The drive’s construction inherently merges these two dimensions. With electrical and thermal safeguards, ESD protection, and an integrated self-diagnostic system, it’s evident that the EviKey drive is designed not just to store but to fortify.

Simplicity Meets Security: Seamless SSH Key Storage

EviKey has revolutionized the SSH key storage process, doing away with complicated software or intricate steps. Upon unlocking the USB NFC HSM through a contactless mechanism, it presents itself as a standard medium on various operating systems. Users can then smoothly transfer SSH keys to this space. In its locked state, the drive becomes virtually undetectable to both computing and mobile platforms, ensuring unparalleled security. Furthermore, the option to fortify security with an additional password layer is available to users.

Normative Compliance: Setting the Gold Standard

EviKey’s technological prowess is evident in features such as NFC signal energy harvesting. This includes a state-of-the-art black box monitoring system. Additionally, there’s an assurance of data persistence for an astounding 40 years without needing an external power source.

Technological Advancements: Beyond the Ordinary

EviKey’s technological prowess is evident in features such as NFC signal energy harvesting, a state-of-the-art black box monitoring system, and an assurance of data persistence for an astounding 40 years without needing an external power source.

At a Glance: EviKey Versus the Rest


Criteria EviKey NFC HSM Nitrokey Yubikey SoloKeys OnlyKey Trezor
Storage Capacity 8GB-128GB 32KB 32KB 32KB 32KB Limited by key size
SSH Key Capacity Over 4 billion About 24 About 24 Up to 24 Up to 24 Several
Contactless Authentication Yes, via NFC No Yes, NFC or USB Yes, NFC or USB Yes, NFC or USB Yes, via USB
Physical Device Security Enhanced with attack detection & self-destruct Standard with PIN lock Standard with PIN lock Standard with PIN lock Standard with PIN lock Standard with PIN lock
OS Compatibility All OS All OS All OS All OS All OS All OS
SSH & OpenSSH Protocol Compatibility Yes, via OpenSSH Yes, via PKCS#11 Yes, via PKCS#11 Yes, via PKCS#11 Yes, via PKCS#11 Yes, via GPG
SSH & OpenSSH Authentication Modes Five-factor (MFA) Two-factor (2FA) Two-factor (2FA) Two-factor (2FA) Two-factor (2FA) One-factor (1FA)
Users for Contactless SSH & OpenSSH Unlocking Six different users None One user One user One user One user
Patents Three international patents None None None None None
Electrical Protection Integrated with intelligent regulator No No No No No
Thermal Safeguards Functional & thermal sensors with breaker No No No No No
ESD Protection 27kv on data channel No No No No No
Physical Robustness Military-grade resin; Waterproof & Tamperproof No No No No No
Security from Attacks Inclusive of invasive & non-invasive threats No No No No No
Limit on Auth. Attempts 13 (modifiable by admin) No No No No No
USB Port Protection Fully independent security system No No No No No
Contactless Security Energy Harvests energy from NFC signals No No No No No
Black Box Monitoring Comprehensive event tracking No No No No No
Fault Detection In-built self-diagnostics No No No No No
Memory Write Count Monitors flash memory health No No No No No
Data Persistence 40 years without external power No No No No No
Temperature Guard Ensures optimal performance No No No No No
Auto-lock Duration Admin-defined (seconds to minutes) No No No No No

Unveiling the NFC HSM USB Drive EviKey’s Innovations

Deep Dive: Why EviKey is the Leading Choice

With standout features like the swift auto-lock function, EviKey solidifies its position as a market leader. Its rapid automatic re-locking capability, combined with easy NFC unlocking, minimizes vulnerability windows, ensuring top-notch security. The EviKey NFC HSM USB drive signifies not just storage but an investment in unparalleled SSH key protection.

Physical Robustness: Beyond Conventional Protection

Designed with precision, the EviKey NFC HSM USB drive is adept at handling adverse conditions. Enclosed in a military-grade resin, its robustness parallels that of steel. Its unique construction ensures the EviKey drive’s resilience to damage, and its waterproof quality even allows it to operate underwater. Beyond the physical, the drive also provides countermeasures against invasive and non-invasive brute force intrusions.

Independence from Encryption Systems: Freedom of Choice

EviKey NFC HSM USB drive’s design is devoid of a pre-set encryption system, a strategic move to offer users flexibility and security. This choice ensures evasion from issues tied to outdated or flawed cryptographic elements, which may require user updates. This architecture offers users the autonomy to choose their preferred encryption method for data storage on the EviKey drive. Furthermore, the option for drive segmentation allows users to create specific encrypted sections, such as a BitLocker space, diversifying its applications.

Versatility: A Universal Key

EviKey NFC HSM’s adaptability is not limited to SSH key storage. Its versatile nature allows integration with various security ecosystems. The drive can serve as a decryption key for encrypted SSDs, HDs and SDs TPM2.0. Moreover, its compatibility extends to password management, functioning as a password manager or a token, harmonizing with other advanced technologies from Freemindtronic such as EviCode HSM OpenPGP and EviPass HSM OpenPGP.

Conclusion

You now know how to create an SSH key under different operating systems, how to use a NFC HSM USB drive to store your physically externalized private SSH key, and how to use the public SSH key to authenticate locally, on a computer or on a server. You can thus enjoy a secure and convenient authentication method, without needing a password or additional software, while benefiting from an industrial level of security equivalent to SL4 according to the standard IEC 62443-3-3.

If you have any questions or comments, feel free to contact Freemindtronic SL, designer, developer, manufacturer and publisher of applications embedding the EviKey NFC HSM technology. You can also buy the products integrating this technology from Freemindtronic’s partners.

Enhancing Crypto Wallet Security: How EviSeed and EviVault Could Have Prevented the $41M Crypto Heist

Crypto Wallet Security enhancing crypto wallet security how EviSeed and EviVault could have prevented the $41m crypto Heist crypto Lazarus APT38 BNP MATIC Heist

Crypto Wallet Security by Jacques Gascuel: This article will be updated with any new information on the topic.  

How EviSeed and EviVault Could Thwart a $41 Million Crypto Heist

Imagine waking up one day to discover that your crypto wallet has been hacked. As a result, all your funds are gone. Unfortunately, this is exactly what happened to more than 50,000 StakeCube users who were staking cryptocurrencies. They lost a massive $41 million in a cyberattack by North Korean hackers. In this article, we will demonstrate how EviSeed and EviVault technologies, developed by Freemindtronic, could have thwarted this theft.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

EviSeed and EviVault NFC HSM Technologies could have prevented the $41 million crypto theft by North Korean hackers.

Cryptocurrencies have gained immense popularity, but they have also become increasingly vulnerable to theft. Hackers actively search for vulnerabilities in cryptocurrency storage and exchange platforms, leading to them stealing millions of dollars from users. North Korean hackers recently stole $41 million from the Stake platform, resulting in a high-profile case. In this article, we explore how EviSeed and EviVault NFC HSM technologies could have prevented this theft.

The Significance of Mnemonic Phrases and Private Keys

Before delving into the advantages offered by EviSeed and EviVault, let’s first understand the significance of mnemonic phrases and private keys in cryptocurrency wallet security.

Understanding Mnemonic Phrases and Private Keys’ Role in Cryptocurrency Wallet Security

A mnemonic phrase consists of words used to generate and restore your private key, granting access to your cryptocurrency wallet and enabling transactions.Typically composed of 12, 18, or 24 words selected from a standardized list known as BIP39, a mnemonic phrase might look like:

apple, banana, lemon, orange, strawberry, kiwi, pineapple, mango, melon, watermelon, cherry, plum.

This mnemonic phrase is of utmost importance as it represents the sole means of recovering your cryptocurrency wallet in case of loss or theft of the storage device (e.g., smartphone, computer, USB key). Users must meticulously back it up and should never share it with anyone.

A private key, on the other hand, consists of a sequence of numbers and letters corresponding to the mnemonic phrase. It is employed for signing transactions and confirming ownership of the cryptocurrency wallet. A private key example is:

Securing Cryptocurrency Wallets

Now that we’ve examined the importance of mnemonic phrases and private keys, let’s discuss the risks associated with traditional backup methods and how EviSeed and EviVault technologies provide enhanced security solutions.

The Risks of Traditional Backup Methods for Mnemonic Phrases and Private Keys

Nevertheless, these methods have several drawbacks when it comes to cryptocurrency wallet security. Most cryptocurrency users choose to back up their mnemonic phrases and private keys using paper or metal media:

  • Impracticality: Manually writing or engraving mnemonic phrases and private keys can be tedious and prone to errors.
  • Inefficiency: Retrieving a cryptocurrency wallet or making transactions requires typing or memorizing the mnemonic phrase and private key, which can be time-consuming and cumbersome.
  • Lack of Durability: Paper and metal supports degrade over time, can be lost, damaged, or susceptible to environmental factors like fire, water, and physical harm.
  • Vulnerability: Physical and logical attacks are potential risks. For instance, if someone finds the support containing the mnemonic phrase and private key, they can access the cryptocurrency wallet and transfer funds to another address. If the support is connected to the internet, it can be infected with malware capable of stealing the mnemonic phrase and private key.

Why is Crypto Wallet Security Important?

Crypto wallet security involves protecting your crypto assets from unauthorized access, theft, or loss. Crypto wallet security involves two main components: your mnemonic phrase and your private key. Your mnemonic phrase is a sequence of words that is used to generate and restore your private key, which is the key that allows you to access your crypto wallet and make transactions. The mnemonic phrase and the private key are very important, because they are the only way to recover your crypto wallet in case of loss or theft of the support on which it is stored (smartphone, computer, USB key, etc.). You must therefore backup them carefully and never disclose them to anyone.

Crypto wallet security is important because cryptocurrencies are valuable and vulnerable to attacks. Hackers can exploit vulnerabilities in platforms storing and exchanging cryptocurrencies, employ phishing, malware, or social engineering to deceive users into disclosing their mnemonic phrases or private keys. If hackers get access to these keys, they can transfer the funds to their own addresses and make them untraceable. Therefore, you need to choose reliable and secure backup solutions for your mnemonic phrases and private keys, such as EviSeed and EviVault.

Enhancing Crypto Wallet Security with EviSeed

Now let’s find out how EviSeed technology enhances the security of the crypto wallet. It offers a secure alternative to traditional backup methods.

Simplicity and Automation for Enhanced Crypto Wallet Security

EviSeed simplifies crypto wallet creation, completing all tasks within seconds. It efficiently manages and encrypts mnemonic phrases and their corresponding private keys within the NFC HSM. This automation extends to generating public keys and addresses, ensuring robust Crypto Wallet Security. Importantly, this process occurs offline, shielding sensitive data from exposure. Users can effortlessly monitor their balances using their paired Android NFC smartphones.

Rigorous Security Measures: Protecting Your Crypto Wallet Security

EviSeed employs cutting-edge AES-256 post-quantum encryption in conjunction with key segmentation. Even if malicious actors gain physical access to the NFC HSM, decrypting the mnemonic phrase remains an insurmountable challenge without access to encryption keys and corresponding segments. The device features five segmented encryption keys, bolstered by up to four additional authentication criteria for each wallet, significantly enhancing Crypto Wallet Security. These criteria encompass geographic zones, fingerprints, BSSIDs (Wi-Fi network identifiers), and UIDs of paired Android NFC smartphones.

Multi-Layered Protection: Safeguarding Your Crypto Wallet Security

Access to the NFC HSM is exclusively possible via the Freemindtronic application, seamlessly integrating EviSeed technology for added security, reinforcing your Crypto Wallet Security. In the unlikely event of theft, attackers would require knowledge of all unique authentication criteria to decrypt the private key. Moreover, EviSeed generates an encrypted QR code containing your mnemonic phrase. This QR code can be printed, shared, sent, or used for backup between NFC HSMs, employing RSA 4096 encryption, further enhancing your Crypto Wallet Security. EviSeed also enables hassle-free crypto wallet creation, including an automatic backup of BIP39 seed phrases within NFC HSMs, alongside your private key. The technology effortlessly generates public keys and addresses, allowing you to conduct operations securely, all while maintaining the confidentiality of your seed phrase and private key.

Unmatched Durability for Uncompromising Crypto Wallet Security

NFC HSM devices used by EviSeed are engineered for resilience, with military-grade coatings that protect against water, extreme temperatures ranging from -40°C to +120°C, shocks, and scratches. These devices boast an impressive lifespan, powered by energy recovery from the paired Android smartphone’s NFC signal, ensuring long-term Crypto Wallet Security.

By integrating EviSeed NFC HSM technology into their crypto security strategy, users can significantly bolster the safety of their assets, mitigating the vulnerabilities associated with conventional backup methods, and fortifying their Crypto Wallet Security.

How EviVault NFC HSM Enhances Crypto Wallet Security

Now, let’s explore the remarkable capabilities of EviVault NFC HSM and how it elevates crypto wallet security to unprecedented levels.

A Distinctive Approach to Safeguarding Crypto Wallets

EviVault NFC HSM stands apart as a distinct technology from EviSeed NFC HSM. Its primary objective is to secure cryptocurrency-derived private keys physically and offline, all within a lightning-fast process of fewer than four seconds. This is achieved by scanning the QR code of the derived private key, ensuring swift and robust Crypto Wallet Security.

Error-free backup and storage

EviVault simplifies the process further by allowing users to securely record the BIP39-generated recovery phrase, and automatically store it encrypted in an NFC HSM. The user can easily select without using the keyboard assisted by automatic error control system. This has the effect of further strengthening the security of the cryptographic wallet by preventing the backup process in case of error. Thus, all these protection mechanisms are airtight to physical, logical or online threats.

Streamlined Security for Crypto Wallets

EviVault introduces a series of advantages over conventional methods that enhance Crypto Wallet Security comprehensively:

  • Simplicity: Users no longer need to manually enter the derived private key. The cumbersome practice of writing, engraving, or copying private keys in plain text, which can be susceptible to malicious third parties, becomes obsolete. Instead, users can swiftly scan the encrypted QR code of the derived private key, created by EviSeed technology, and store it securely within an EviVault NFC HSM in under four seconds.
  • Efficiency: Gone are the days of memorizing or typing private keys, or risking exposure by storing them in unencrypted forms. By merely passing their Android NFC smartphone paired with the NFC HSM under the NFC antenna, users can view the private key or its compressed/uncompressed public address. The technology even allows for secure sharing of private keys and encrypted public addresses via a pair of RSA 4096 keys, all without exposing sensitive data to the user’s phone or computer.
  • Durability: EviVault stands out with its robust design, devoid of connectors, screens, batteries, buttons, or any other wear-prone components. It offers a lifetime of service, powered by energy recovery from the paired Android smartphone’s NFC signal. Furthermore, EviVault NFC HSM devices, like their EviSeed counterparts, exhibit resistance to water, extreme temperatures ranging from -40°C to +120°C, shocks, and scratches, thanks to a military-grade component coating, ensuring top-tier Crypto Wallet Security in harsh environments.
  • Unyielding Security Measures: EviVault incorporates EviCore NFC HSM technology, featuring post-quantum AES-256 encryption and advanced key segmentation. Even if potential attackers gain physical access to the NFC card, decrypting the private key remains an insurmountable task without access to the encryption keys and corresponding segments, each exceeding 256 bits in complexity. Additionally, users can bolster Crypto Wallet Security by adding up to four segmented authentication criteria for each wallet, including geographical zones, fingerprints, BSSIDs (Wi-Fi network identifiers), or UIDs of paired Android NFC smartphones. Access to the NFC card remains exclusive through the Freemindtronic application, which incorporates EviVault technology, fortifying Crypto Wallet Security with an additional layer of protection.

Incorporating EviSeed or EviVault NFC HSM technology into their crypto security strategy empowers cryptocurrency users to elevate the security of their holdings significantly. These technologies not only eliminate vulnerabilities associated with conventional backup methods but also provide formidable protection against both physical and digital threats, ensuring unparalleled Crypto Wallet Security in today’s dynamic digital landscape.

Summary of Enhanced Cryptocurrency Security

The Crucial Role of Crypto Wallet Security

In summary, EviSeed and EviVault NFC HSM technologies offer innovative solutions to enhance cryptocurrency wallet security, safeguarding digital assets from physical and digital threats.

Protecting Your Investments

Given the increasing adoption of cryptocurrencies, it’s essential to invest in secure storage solutions such as EviSeed and EviVault for effective investment protection.

How a Flaw in the Unencrypted Private Key Backup System Allowed the North Korean Hackers to Steal $41 Million in Crypto from StakeCube and How EviSeed and EviVault Could Have Prevented It

March 2023 witnessed a group of North Korean hackers, Lazarus, or APT38. They stole $41 million in cryptocurrencies from StakeCube, an online casino and betting platform. These hackers took advantage of a flaw in the backup system; it stored unencrypted private keys on a centralized and insecure server. These attackers copied the private keys of more than 50,000 users from the server. Subsequently, they transferred the funds to their own addresses using these keys. These attackers evaded detection for several months with great organization and methodology. These attackers also concealed and laundered the stolen funds to make them hard to trace.

This incident emphasizes the significance of cryptocurrency wallet security and the necessity to select dependable and secure backup solutions for private keys and mnemonic phrases. In this article, we will show you how EviSeed and EviVault, two technologies developed by Freemindtronic, can help you protect your crypto assets from hackers.

Lazarus-affiliated North Korean hackers are renowned for their sophisticated attacks. In the case of the StakeCube theft, they demonstrated a high level of organization and methodology. However, EviSeed and EviVault’s advanced security features could have acted as formidable barriers, enhancing crypto wallet security.

  • Advanced encryption: EviSeed uses post-quantum AES-256 encryption, which makes it virtually impossible for hackers to decrypt the mnemonic phrases and private keys stored, even if they physically access the device.
  • Key segmentation: EviSeed’s key segmentation would have added another layer of protection. Without knowledge of the encryption keys and corresponding segments, which are greater than 256 bits, attackers couldn’t access the private keys.
  • Authentication criteria: Users can set up to four additional segmented authentication criteria for each wallet, including geographic zones, fingerprints, BSSID (Wi-Fi network identifiers) or UID of paired Android NFC smartphones. This would have made it extremely challenging for hackers to gain access.
  • Offline storage: EviSeed works offline, ensuring that mnemonic phrases and private keys are never exposed to the internet, a common entry point for hackers.

Cyber-Attack-Proof Crypto Wallet Security via EviVault

Cryptocurrencies are valuable digital assets that need protection from hackers or accidents. But how can you secure your crypto wallet effectively and easily? The answer is EviVault NFC HSM, an innovative solution that uses NFC technology to encrypt and backup your private keys.

You know how difficult it can be to back up and encrypt your private keys with traditional methods. This is also where the EviVault NFC HSM technology comes in. Let’s take a look at how EviVault improves crypto wallet security against potential threats, such as North Korean hackers. In the context of protecting your digital assets, we will discover how EviVault combines several protection measures:

  • Fortifying Physical Security: EviVault’s resolute physical security measures would have posed an insurmountable challenge to hackers. The private keys, nestled within the NFC card, would remain impenetrable.
  • Rampart of Encryption and Key Segmentation: EviVault would have placed attackers in a cryptographic deadlock. It employs post-quantum AES-256 encryption and meticulous key segmentation. Decrypting the private keys would become an exercise in futility.
  • Enhancing Authentication Criteria: EviVault introduces a layer of complexity by incorporating additional authentication criteria, such as geographic zones and fingerprints. These sophisticated layers would have further confounded hackers, rendering their attempts futile.
  • EviCore Integration: An Extra Layer of Security Access to the NFC card is exclusively governed by the Freemindtronic application, intricately woven with EviVault technology. This integration bestows an added layer of security. It ensures that even if the NFC HSM were stolen, attackers would be stymied by the intricate web of authentication criteria required to decrypt the private key.

We can’t rewrite history or reverse the result of the Stake hack, but it’s clear that EviSeed and EviVault NFC HSM technologies are strong advocates. These are indispensable tools to strengthen the security of the crypto wallet in today’s digital landscape. They act as your shield against potential threats. Note that the Keepser product an NFC Cold Wallet embedding EviVault NFC HSM technology from Freemindtronic click here to learn more.

Official Sources

To support the information presented in this article, we have used the following official sources:

  • [FBI press release] that attributes the theft to Lazarus, a North Korean state-sponsored cybercrime unit.
  • [IMF report] that analyzes the risks and challenges related to crypto-assets and proposes recommendations to strengthen supervision and international cooperation.
  • [Stake.com official website], the online casino and betting platform victim of the theft, that explains how the theft occurred and how they plan to reimburse their users.
  • [Freemindtronic official website], the company that developed EviSeed and EviVault technologies, that presents the benefits and features of these secure backup solutions for private keys and mnemonic phrases.

Why choose a Cold Wallet NFC HSM to secure your cryptocurrencies?

Secure your cryptocurrencies with a cold wallet NFC HSM hacker hood with laptop secure cryptocurrencies the fatal mistake of using a virtual password manager lastpass hacked

secure your cryptocurrencies with a cold wallet NFC HSM by Jacques Gascuel: This article will be updated with any new information on the topic.  

Secure your cryptocurrencies offline by Cold Wallet NFC HSM

Did you know that password managers and hot wallets can be hacked, leaked or stolen? In this article, we will show you a better solution: the cold wallet NFC HSM. It is a physical wallet that uses NFC technology to store and manage your private keys and recovery phrases offline. It is simple, efficient, durable and secure. Read on to find out more!

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

How to secure your cryptocurrencies with a cold wallet NFC HSM is the topic of this article. Cryptocurrencies are digital currencies that offer many benefits, but also pose risks, especially in terms of security. To avoid losing or having your funds stolen, there is a solution: the cold wallet NFC HSM. It is a physical wallet that uses NFC technology to store and manage your private keys and recovery phrases offline, without internet connection or contact with a third party. The cold wallet NFC HSM uses patented technologies by Freemindtronic, an Andorran company specialized in security and protection of computer systems and information systems. These technologies are EviSeed and EviVault. In this article, we will explain why you should use a cold wallet NFC HSM to secure your cryptocurrencies and how to do it.

Why you need a cold wallet NFC HSM to secure your cryptocurrencies

If you own cryptocurrencies, you know that it is essential to protect your private keys and recovery phrases, which are the only means of accessing your funds. These sensitive data are often stored on online services, such as password managers, clouds or exchange platforms. These services offer some convenience, but they also pose significant risks:

  • You depend on a third party that can be victim of an attack, a flaw or a closure. If the service is compromised, you can lose access to your cryptocurrencies or have them stolen.
  • You do not have full control over your data, which can be exposed to leaks, thefts or legal requests. If someone accesses your private keys or recovery phrases, they can transfer your cryptocurrencies to another wallet without your consent.
  • You do not have the guarantee that your data are encrypted end-to-end, which means that they can be read or modified by the service or by a third party. If your data are stored in plain text or with weak encryption, they can be easily decrypted by a hacker.

These risks are not hypothetical. They are real and have already caused many losses for cryptocurrency users. Here are some statistics that show the dangers of storing cryptocurrencies online:

The statistics on the security incidents of password managers and hot wallets

  • A study by Verizon in 2021 showed that 81% of global data breach notifications were related to a password issue.
  • A survey conducted by Google in 2020 revealed that only 15% of users used an online password manager.
  • A report by CipherTrace published in 2020 stated that thefts and frauds related to cryptocurrencies reached 1.9 billion dollars in 2020.
  • A study by Chainalysis published in 2019 reported that exchange platforms suffered 11 major attacks in 2019, resulting in the loss of more than 283 million dollars in cryptocurrencies.
  • An analysis performed by Independent Security Evaluators in 2017 found that five of the main password managers presented critical vulnerabilities that allowed attackers to access the stored passwords.

The recent example of the hacking of LastPass and the thefts of cryptocurrencies

A recent example shows the dangers of storing recovery phrases or private keys online. LastPass, a password management service, had two major security incidents in 2022. A hacker accessed the source code, technical information and vaults of customers. Several experts linked these incidents to a series of cryptocurrency thefts. More than 150 victims lost more than 35 million dollars. These experts said that the victims had used LastPass to store their recovery phrases.

These incidents prove that virtual password managers are not good for securing cryptocurrencies. They do not encrypt or protect your data enough. They can also suffer from attacks or flaws that expose or change your data.

For more details about these incidents and their link to the crypto thefts, you can check these sources:

Therefore, you need a safer and more reliable solution to store and manage your cryptocurrencies: the cold wallet NFC HSM. It is a physical wallet that uses NFC technology to store and manage your private keys and recovery phrases offline, without internet connection or contact with a third party. The cold wallet NFC HSM uses patented technologies by Freemindtronic, an Andorran company specialized in security and protection of computer systems and information systems. These technologies are EviSeed and EviVault.

In the next section, we will explain how the cold wallet NFC HSM works and what are its advantages.

How the cold wallet NFC HSM works and what are its advantages

The cold wallet NFC HSM is a physical wallet that uses NFC (Near Field Communication) technology to store and manage your private keys and recovery phrases offline, without internet connection or contact with a third party. The cold wallet NFC HSM uses patented technologies by Freemindtronic, an Andorran company specialized in security and protection of computer systems and information systems. These technologies are EviSeed and EviVault.

EviSeed is a technology that allows you to backup your recovery phrases in an encrypted way on the NFC HSM support of your choice. EviSeed also generates a QR code containing your encrypted recovery phrase, which you can print, share, send or save between NFC HSM supports by scanning the QR code encrypted in RSA 4096. You can also exchange your encrypted recovery phrases in NFC Beam or proximity between phones by wifi or Bluetooth.

EviVault is a technology that allows you to store and manage your private keys on the NFC HSM support of your choice. It is designed to protect your sensitive data and transactions from unauthorized access or alteration. It can be used as a secure element for authentication, encryption, digital signature or blockchain applications.

The cold wallet NFC HSM offers several advantages over other cold wallets:

Simplicity

You do not need to write or engrave your recovery phrases or private keys, just scan them with the application developed by Freemindtronic that embeds the EviSeed or EviVault technologies dedicated to securing blockchain and cryptocurrency keys on your NFC Android smartphone and transfer them to the NFC HSM support of your choice.

Efficiency

You do not need to memorize or type your recovery phrases or private keys, just scan them with your smartphone to restore your wallet.

Durability

The NFC HSM support that you choose to store your recovery phrases or private keys can be resistant to water, fire, shocks and scratches. It does not deteriorate over time. It does not require battery or internet connection.

Security

The NFC HSM support uses a patented segmented key technology, which means that your private keys are divided into several parts that are distributed between the support, the application and your smartphone. Thus, even if one of the elements is compromised, your cryptocurrencies remain protected.

To use a cold wallet NFC HSM to secure your cryptocurrencies, you must follow these steps:

  • Download the application developed by Freemindtronic that embeds the EviSeed or EviVault technologies dedicated to securing blockchain and cryptocurrency keys on your NFC Android smartphone.
  • Create or import your cryptocurrency wallet on the application.
  • Scan your recovery phrase or private key with the application.
  • Choose the NFC HSM support on which you want to save your recovery phrase or private key: an EviVault compatible Keepser or an EviSeed compatible SeedNFC.
  • Transfer your encrypted recovery phrase or private key to the NFC HSM support.
  • To restore your wallet, scan again the NFC HSM support with the application.

To sum up, a cold wallet NFC HSM is a simple, efficient and durable way to secure your cryptocurrencies. Freemindtronic, an innovative and patented company, created this solution. You have full control over your private keys and recovery phrases with a cold wallet NFC HSM. You do not depend on an online service. It protects you from hackers, thieves or losses. You should use a cold wallet NFC HSM to protect your cryptocurrencies if you own them. You can order it on Freemindtronic’s website or from its partners.

How to choose the best multi-factor authentication method for your online security

Multi-factor authentication how to choose the best multi factor authentication MFA method for your online security and PassCypher NFC HSM solution passwordless MFA from Freemindtronic

Multi-factor Authentication by Jacques Gascuel: This article will be updated with any new information on the topic.  

Why use multi-factor authentication?

Passwords are not enough to protect your online accounts from cybercriminals. You need to use a more robust authentication method: multi-factor authentication. It combines several factors to verify your identity, such as passwordless MFA. In this article, you will discover what it is, how it works and how to choose it.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

Everything you need to know about multi-factor authentication and its variants

Have you ever wondered how to protect your online accounts and data from hackers and cybercriminals? If so, you need to know about multi-factor authentication and its variants. Authentication is the process that verifies the identity of a user who wants to access a website, an application or a system. Authentication is essential to protect the security and privacy of data and online transactions. Without proper authentication, hackers and malicious actors can access sensitive information, steal identities, compromise accounts or commit fraud.

There are different authentication methods that can offer different levels of security and convenience for users. Some methods use only one factor, such as a password, to verify a user’s identity. This is called single-factor authentication (SFA). SFA is simple, fast and convenient, but also very insecure and unreliable. Other methods use two or more factors, such as a password and a code, to verify a user’s identity. This is called multi-factor authentication (MFA). MFA offers a high level of security because it makes it harder for attackers to obtain all the factors needed to access an account.

In this article, we will explain the main differences between six popular methods of authentication: single-factor authentication (SFA), multi-factor authentication (MFA), two-factor authentication (2FA), two-step verification (2SV), one-time passwords (OTP) and passwordless multi-factor authentication (Passwordless MFA). We will also introduce you to a new product that offers an innovative and eco-friendly solution for contactless multi-factor authentication: PassCypher NFC HSM. We will also discuss another method of authentication that allows users to access multiple applications or services with one login. This is called single sign-on (SSO). SSO can use different protocols, such as SAML, OAuth, or OpenID Connect, to verify the user’s identity and grant access.

According to a report by Microsoft, 99.9% of account compromise attacks can be blocked by using multi-factor authentication. Therefore, it is important to choose the best authentication method for your online security. In this article, we will help you understand the pros and cons of each method and how to choose the best one for your needs and preferences.

Why use multi-factor authentication?

You use passwords for your online accounts; but are they secure enough? Cybercriminals can steal, guess or hack them easily; you hear many news about it. You want to improve their protection and usage; you need to know more. You need to know the different methods of multi-factor authentication; up to the most robust one, like passwordless MFA. In this article, you will get answers and learn more.

How to evaluate the level of resistance to cyberattacks?

We use several criteria to evaluate the level of resistance to cyberattacks of an authentication method, such as:

  • The number and diversity of factors used: An attacker has a harder time getting all the factors if there are more of them. It is also better to combine factors of different natures (what you know, what you have, what you are); they are less vulnerable to the same types of attacks.
  • The complexity and variability of factors used: An attacker has a harder time guessing or reproducing the factors if they are more complex and variable. For example, a long and random password is more resistant than a short and simple one. Likewise, a one-time code is more resistant than a fixed one.
  • The security and reliability of communication channels used: An attacker has a harder time intercepting or altering the channels if they are more secure and reliable. For example, an encrypted connection is more secure than an unencrypted one. Likewise, a push notification is more reliable than an SMS.
  • The ease and speed of use for the user: Users are more likely to adopt the methods if they are easier and faster. A too complex or slow method can discourage users or make them bypass security. For example, facial recognition is easier and faster than a USB key.

We give a score out of 10 to each authentication method based on these criteria; we consider the pros and cons of each factor and channel. This score reflects the level of resistance to cyberattacks of the method; its ability to prevent or reduce the impact of an attack.

What are the differences between MFA, 2FA, 2SV, SFA, SSO, OTP and Passwordless MFA?

MFA, 2FA, 2SV, Passwordless MFA, OTP and SFA are all types of authentication methods that require users to provide one or more pieces of evidence (or factors) to prove their identity. However, they have distinct differences in terms of how they work and how secure they are. Here is a summary of each one:

Multi-Factor Authentication (MFA)

MFA is a security enhancement that requires users to submit two or more pieces of evidence (factors) to access a system. These factors can belong to different categories, such as:

  • Knowledge: something that the user knows, such as a password, a PIN or an answer to a secret question.
  • Possession: something that the user has, such as a smartphone, a smart card or a hardware token.
  • Inherence: something that the user is, such as a fingerprint, a retina scan or a facial recognition.

MFA offers a high level of security because it makes it harder for attackers to obtain all the factors needed to access an account. Even if one factor is compromised, such as a password, the other factors can still prevent unauthorized access.

Level of resistance to cyber attacks: 8/10

Two-Factor Authentication (2FA)

2FA is a type of MFA; it uses two distinct factors of authentication. These factors must belong to two different categories; such as knowledge and possession. For example, you can log in to an account; with your username and password (knowledge). Then you receive a notification on your smartphone (possession); to approve the login.

2FA offers an intermediate level of security between single-factor authentication by password only and MFA by adding an extra layer of protection against unauthorized access attempts. However, it can be less secure than 2FA; if it uses factors that belong to the same category; such as knowledge.

Indeed, if an attacker manages to obtain the password and the additional code; they can access the account without any problem.

Level of resistance to cyber attacks: 6/10

Two-Step Verification (2SV)

2SV is a type of MFA that requires two sequential steps of verification using authentication factors. These steps can belong to the same category, such as knowledge. For example, Google uses 2SV for its accounts. To log in, the user enters their username and password (knowledge), then they enter an additional code that they receive by SMS or email (knowledge).

2SV offers an intermediate level of security between single-factor authentication by password only and 2FA by adding an extra layer of protection against unauthorized access attempts. However, it can be less secure than 2FA if it uses factors that belong to the same category, such as knowledge.

Indeed, if an attacker manages to obtain the password and the additional code, they can access the account without any problem.

Level of resistance to cyber attacks: 4/10

Single-Factor Authentication (SFA)

Single-Factor Authentication (SFA) is a security method that uses only one factor to verify a user’s identity. A factor is something that the user knows, has, or is. For example:

  • One piece of evidence (factor) verifies a user’s identity with SFA.
  • The factor can be something the user knows (password, PIN, secret question), has (smartphone, smart card, hardware token), or is (fingerprint, retina scan, facial recognition).
  • SFA has some benefits but also many drawbacks. It is simple, fast and convenient, but also insecure, unreliable and non-compliant.
  • Many cyberattacks expose users to SFA, such as phishing, keylogging, brute force or credential stuffing.
  • Attackers can easily obtain the factor and access the account without the user’s consent.
  • If the factor is compromised (e.g., password), the account is vulnerable to unauthorized access.
  • SFA does not meet the security standards or regulations of some industries or organizations (e.g., banks, government agencies).

SFA offers a low level of security because it makes it easy for attackers to obtain the factor needed to access an account. If the factor is compromised, such as a password, the user’s account is vulnerable to unauthorized access.

Level of resistance to cyber attacks: 2/10

Single Sign-On (SSO) and Multi-Factor Authentication (MFA)

Single Sign-On (SSO) is a security method that allows users to access multiple applications or services with one login. The user only needs to enter their username and password once, and the SSO service authenticates them for all the connected applications. SSO can use different protocols, such as SAML, OAuth, or OpenID Connect, to verify the user’s identity and grant access. SSO has some advantages and disadvantages that you should consider before choosing it as your authentication method.

  • Pros of SSO
    • Reduced password fatigue: Users only need to remember one password instead of many. This makes it easier to create strong and unique passwords for each application.
    • Simplified user and password management: IT admins can control the access rights of users from a central place. They can also revoke or change the passwords of users who leave the organization or lose their devices.
    • Improved identity protection: SSO can use additional security measures, such as multi-factor authentication (MFA), to enhance the verification process. MFA is a type of authentication that requires two or more factors to verify a user’s identity. These factors can be something that the user knows, has, or is, such as a password, a smartphone, or a fingerprint. MFA offers a higher level of security than single-factor authentication (SFA), which only requires one factor, such as a password.
  • Cons of SSO
    • Limited user control: Users cannot choose which applications are included in the SSO service. They may also have difficulty logging out of all the applications at once.
    • Incompatible apps: Some applications may not support the SSO protocols or require additional configuration to work with the SSO service. This may limit the number of applications that users can access with one login.
    • Unpredictable costs and time: Implementing and maintaining an SSO service may be costly or complex for some organizations. They may need to buy or develop software, pay for subscription fees, train users or staff, or comply with regulations.

SSO has some benefits but also some drawbacks that you should consider before choosing it as your authentication method. You should weigh the pros and cons of SSO and compare them with your security goals and resources.

Level of resistance to cyber attacks: 7/10

Passwordless Multi-Factor Authentication (Passwordless MFA)

Passwordless MFA is a term used to describe an authentication method; that does not require a password; and that uses multiple factors. For example, you can log in to an account; using your fingerprint (inherence) and a code generated by your smartphone (possession); without having to enter your username or password.

Passwordless MFA offers the highest level of security; when implemented correctly; because it eliminates the risk of password theft or leakage. It also improves convenience and user experience; because it does not require memorization or input of passwords.

Level of resistance to cyber attacks: 10/10

One-Time Passwords (OTP)

OTP are random and temporary codes; that are used as additional factors of authentication. There are two main types of OTP: Time-based One-Time Password (TOTP) and HMAC-based One-Time Password (HOTP).

Time-based One-Time Password (TOTP)

TOTP is a type of OTP that is generated based on time; it uses a secret key shared between the server and the client; as well as a counter based on the client’s clock. The server and the client calculate the same code; using the same key and the same counter. The code is valid for a short period, usually 30 seconds.

TOTP offers a high level of security because it prevents the reuse of codes. Even if an attacker intercepts a code, they will not be able to use it after its expiration.

Level of resistance to cyber attacks: 7/10

HMAC-based One-Time Password (HOTP)

HOTP is a type of OTP that is generated based on an incremental counter. It uses a secret key shared between the server and the client, as well as a counter that increments every time a code is generated or validated. The server and the client calculate the same code using the same key and the same counter. The code does not have a fixed validity period, but it must be used in order.

HOTP offers an intermediate level of security because it requires synchronization between the server and the client. If the client’s counter is offset from the server’s counter, there may be authentication errors. Moreover, if an attacker manages to obtain the secret key or the counter, they can generate valid codes.

Level of resistance to cyber attacks: 5/10

Statistics on MFA, 2FA, 2SV, SFA, OTP (TOTP and HOTP), Passwordless MFA and SSO

To illustrate the importance and popularity of multi-factor authentication methods, here are some statistics from various sources:

  • According to the 2021 Duo Trusted Access Report, the total number of MFA authentications increased by 39% over the past year, while biometric authentications saw an even faster growth, with a 48% increase.
  • The report also indicates that Duo Push is the most popular authentication method, accounting for 30% of the total authentications, followed by SMS (25%) and phone calls (19%).
  • Among customers using location policies, 74% block Russia and China, which are the most frequently blocked countries in authentication apps.
  • In 2020, Duo Security conducted a survey of over 4,000 people in the US and UK on their experience and perception of 2FA. The survey revealed that 79% of respondents had used 2FA in 2020, up from 53% in 2019 and 28% in 2017.
  • The survey also showed that SMS (85%) continues to be the second most common factor that respondents with 2FA experience have used, slightly up from 2019 (72%). Email is the second most common factor (74%), with a notable increase from 2019 (57%).
  • According to a report by Okta, an identity and access management company, SSO adoption increased by 68% between February and April 2020, as more organizations shifted to remote work due to the COVID-19 pandemic.
  • The report also found that SSO usage was highest among education (60%), technology (58%), and non-profit (49%) sectors. The most popular SSO protocols were SAML (54%), OAuth (24%), and OpenID Connect (22%).

These statistics show that multi-factor authentication methods are more effective and popular than single-factor authentication methods. They provide higher levels of security and reliability for users and organizations. However, they also reveal that there is still room for improvement and awareness in terms of online security. Many users and companies do not use multi-factor authentication or use weak factors that can be compromised. Therefore, it is important to educate and encourage users and companies to adopt multi-factor authentication methods that suit their needs and preferences.

Discover PassCypher NFC HSM: an innovative solution for contactless multi-factor authentication

You now have a better understanding of the different methods of multi-factor authentication and their pros and cons. You may have noticed that some methods have weaknesses, such as vulnerability to cyber attacks, dependency on network or battery availability, or complexity of managing passwords.

Fortunately, there is a solution that combines security, convenience and ecology to protect your data and online transactions. We introduce you to PassCypher NFC HSM, a product developed by Freemindtronic that allows you to store and manage passwords, one-time passwords (OTP) and HMAC-based passwords (HOTP) in a wireless and battery-free device. It uses EviOTP technology, which is a patented solution by Freemindtronic to generate OTP without internet connection or power supply. It works with NFC-compatible Android smartphones and computers equipped with a Chromium or Firefox web browser.

The benefits of PassCypher NFC HSM

Some of the benefits of PassCypher NFC HSM over traditional multi-factor authentication solutions are:

  • Higher resistance to cyber attacks: It uses a NFC HSM device that stores the secrets in an encrypted way. It also verifies the validity of the device used, its pairing key, its unique anti-counterfeiting key, and the validation of the Authenticator Sandbox. It does this with auto verification of fraudulent URLs.
  • Greater convenience: It does not require network or battery. You just need to scan the PassCypher NFC HSM device with your smartphone. This will automatically fill in the login fields on your computer or display the OTP code. The OTP code corresponds to the online service.
  • Better eco-friendliness: It reduces energy consumption and CO2 emissions. It uses a wireless and battery-free device. It works with EviOTP technology, which generates OTP without network or battery. You can scan them with your smartphone to access your accounts.
  • More customization: It allows the user to freely define the authentication factors that they want to use. They can add cumulative factors such as the UID of the NFC Android phone, a BSSID or an authorized geofence. They can also add additional factors that involve their intervention. For example, a biometric criterion or a segmented key via a QR code or a hexadecimal barcode.

The features of PassCypher NFC HSM

PassCypher NFC HSM offers several features that facilitate the management and use of passwords and OTP. Here are some of these features:

  • It allows you to automatically fill in the identifiers and passwords of 2SV methods, such as Google or Facebook, using a browser extension. You just need to scan the PassCypher NFC HSM device with your smartphone to automatically fill in the login fields on your computer.
  • It manages TOTP, such as those used by GitHub or Dropbox, using a dedicated application on your smartphone. You just need to scan the PassCypher NFC HSM device with your smartphone to display the TOTP code corresponding to the online service. For this, you must have previously saved the OTP codes via the QR Code generated from the site that authorizes 2FA via TOTP or HOTP.
  • It has an advanced configurable passwordless MFA function patented using physical origin segmented key authentication defined freely by the user. It can add them cumulatively for each secret stored in the NFC HSM of segments that can be UID of the NFC Android phone, a BSSID or an authorized geofence. It can also add additional factors that involve their intervention, such as a biometric criterion or a segmented key via a QR code or a hexadecimal barcode. You just need to scan the PassCypher NFC HSM device with your smartphone to access your account without entering any username or password.
  • It allows you to save and restore contactlessly, in real time in volatile memory of the phone or computer, without needing a server, database, without needing to create an account and anonymously and encrypted end-to-end from the NFC HSM. It works on the NFC Android phone and on computer via an extension only on the local network encrypted end-to-end from the NFC HSM. You just need to pass the PassCypher NFC HSM under your smartphone’s antenna to auto-connect to the cloud service via the passwordless MFA process.
  • It allows you to share secrets stored in NFC HSM by various means with other authorized users with trust criteria who also have a PassCypher NFC HSM. Sharing can be done in presence of the recipient who scans a QR Code of the secret shared via coded QR Code. It can share nearby by bluetooth file sharing. It can also share remotely via all means of communication existing in their phone including SMS or RCS using a 4096-bit RSA public key that the recipient has freely generated in their NFC HSM that they regenerate at will. It can also share it contactlessly via Android Beam NFC technology.

Conclusion

In this article, we have discussed how to choose the best multi-factor authentication method for your online security. We have also compared some of the most popular and innovative solutions available in the market. Multi-factor authentication is a vital component of online security that protects your data and transactions from unauthorized access. However, not all methods are suitable for all situations and needs. Therefore, you should consider several factors when choosing an authentication method, such as:

  • The type and sensitivity of the data or transactions that you want to protect. Some data or transactions are more valuable or confidential than others. For example, your bank account or medical records require more protection than your social media account or online shopping.
  • The availability and reliability of the network or battery for your devices. Some methods depend on the network or battery to work. For example, you cannot use SMS or email if you have no internet connection or phone signal. Likewise, you cannot use a USB key or a smart card if your device has no power or port.
  • The ease and frequency of use and management of the authentication factors. Some methods are easier and faster to use and manage than others. For example, facial recognition or fingerprint scanning are more convenient than typing a password or entering a code. However, you may also need to change or update your factors regularly to maintain their security.
  • The compatibility and interoperability of the authentication method with your devices and platforms. Some methods work only with specific devices or platforms. For example, you cannot use an Apple Watch or a Google Authenticator app if you have an Android phone or a Windows computer. Likewise, you cannot use a biometric scanner if your device does not have one.
  • The cost and benefit of implementing and maintaining the authentication method. Some methods are more expensive or complex to implement and maintain than others. For example, you may need to buy additional hardware or software, pay for subscription fees, train users or staff, or comply with regulations.

These factors can help you decide which authentication method suits your needs and preferences best. You should weigh the pros and cons of each method and compare them with your security goals and resources.

Comparison of popular authentication methods

We have explained the main differences between five popular methods of multi-factor authentication: multi-factor authentication (MFA), two-factor authentication (2FA), two-step verification (2SV), passwordless multi-factor authentication (Passwordless MFA) and one-time passwords (OTP). Each method has its own advantages and disadvantages depending on the context and implementation. We have also introduced you to a new product that offers an innovative and eco-friendly solution for contactless multi-factor authentication: PassCypher NFC HSM.

PassCypher NFC HSM offers several benefits over traditional multi-factor authentication solutions, such as SMS or email

Freemindtronic designed, developed and manufactured PassCypher NFC HSM. This product lets you store and manage passwords, keys, OTP and HOTP. It uses a wireless, battery-free NFC HSM device. It works for life without maintenance. It also incorporates several EviPass technologies. EviCore NFC HSM and EviOTP technology are patented by Freemindtronic. With these technologies, you can manage, store, share, encrypt and generate OTP code securely. You can do this contactlessly from NFC devices. It does not need an Internet connection, a server, a database or a power supply. It works contactless with NFC-compatible Android smartphones.

PassCypher NFC HSM also offers several features that facilitate the management and use of passwords, such as:

Password generator: It can generate strong and random passwords for any website or application.

  • Password manager: It can store and retrieve your passwords securely and conveniently.
  • OTP generator: It can generate OTP based on time (TOTP) or counter (HOTP) for any website or application that supports them.
  • HOTP generator: It can generate HOTP based on HMAC algorithm for any website or application that supports them.
  • QR code scanner: It can scan QR codes that contain OTP information and generate the corresponding OTP.
  • Web extension: This is a feature that can integrate with your web browser. It can automatically fill in your complicated and complex usernames and passwords in MFA Passwordless. It does this for any website you visit.

One of the features of PassCypher NFC HSM is that it can store and manage SSO credentials and passwords for automatic login in passwordless MFA. This means that you can use PassCypher NFC HSM to access multiple applications or services with one tap, without entering any password. This increases the level of security of the authentication by SSO, as it eliminates the risk of password theft or compromise. Similarly, PassCypher NFC HSM can also store and manage SFA credentials and passwords for automatic login in passwordless MFA. This means that you can use PassCypher NFC HSM to access any website or system with one tap, without entering any password. This increases the level of security of the authentication by SFA, as it reduces the password fatigue and reuse.

PassCypher NFC HSM is a powerful and innovative product that enhances your online security and convenience. It is compatible with any type of authentication method, such as MFA, 2FA, 2SV, Passwordless MFA or SFA. It is also easy to use and eco-friendly.

If you are interested in trying out PassCypher NFC HSM, you can order it from our [website] or download our [web extension] for free. If you have any questions or feedback, please feel free to [contact us]. We would love to hear from you.

How to Recover and Protect Your SMS on Android

Recover and protect your SMS and secure by EviCypher NFC HSM Technology by Freemindtronic from Andorra

Recover and protect your SMS hack by Jacques Gascuel: This article will be updated with any new information on the topic.  

Guard Your SMS: Protect & Recover Android Texts

SMS are one of the most common ways of communication in the digital world. They can contain important information, such as personal messages, bank details, verification codes, and more. However, Various factors such as accidental deletion, device malfunction, virus attack, or theft can cause the loss, deletion, or compromise of SMS.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

Recover and Protect Your SMS on Android: A Complete Guide

First of all, SMS are a popular communication tool on Android smartphones. They allow you to share information, emotions, memories with your loved ones or professional contacts. But what if you lose your SMS by accident or maliciously? How can you recover and protect them?

In the following sections, we will show you how to restore your permanently deleted SMS on Android with different methods, such as Google Drive backup, Samsung Messages trash or third-party apps.

Moreover, we will address the recovery of SMS that are supposed to be permanently deleted or inaccessible intentionally. Malicious people recovering these SMS can cause significant harm or even be vital. That’s why, we will show you how to secure your sensitive SMS even in case of recovery, interception or unauthorized access with EviCypher NFC HSM technology, developed by Freemindtronic, an Andorran company specialized in NFC security.

Finally, as an inventor of counter-espionage, security and cybersecurity solutions at Freemindtronic, the illicit recovery of sensitive data such as SMS often has serious consequences. We are also the first to introduce you to this innovative technology, which allows you to encrypt your SMS with your own encryption keys stored in a secure NFC device. By following this guide, you will be able to recover and protect your SMS on Android easily and effectively, while preserving your privacy, avoiding fraud and backing up your data.

Why Recover Your Deleted SMS on Android?

You may have deleted an important SMS on your Android smartphone by mistake. Or maybe you deleted an SMS on purpose, but regretted it later. Or maybe you lost your SMS because of a bug, a virus or a theft of your phone.

In all these cases, you can try to recover your deleted SMS with different methods. This can help you find useful information, precious emotions or unforgettable memories. It can also prevent problems or misunderstandings with your interlocutors.

However, these methods are not guaranteed to work and may have some drawbacks. For example, some of them may require you to reset your phone to factory settings, which erases all your data. Others may require root access to your phone, which voids your warranty and exposes your phone to security risks.

Below, here are some of the methods you can use to recover your permanently deleted SMS on Android.

Method 1: Recover Deleted SMS from Google Drive Backup

One of the simplest methods to recover permanently deleted SMS on an Android smartphone is to restore them from a Google Drive backup. Google Drive is an online storage service that lets you backup your data, including your messages, contacts, photos and more.

To use this method, you must have enabled Google Drive backup on your phone before deleting your messages. You must also have a backup that contains the messages you want to recover. Finally, you must reset your phone to factory settings and restore it from the backup.

Here are the steps to follow:

  • Backup all the important files on your phone that are not in the Google Drive backup.
  • Go to Settings > System > Reset options > Erase all data (factory reset).
  • Follow the instructions on the screen to complete the reset process.
  • When your phone restarts, sign in with the Google account you used to make the backup.
  • Choose to restore your phone from the Google Drive backup that contains your messages.
  • Wait for the restoration to finish and check if your messages are back.

Method 2: Recover Deleted SMS from Samsung Messages Trash

If you have a Samsung smartphone and use the default Samsung Messages app, you may be able to recover deleted SMS from the trash. This is a feature that stores your deleted messages for 30 days before erasing them permanently.

To use this method, you must have enabled the Trash option in the Samsung Messages settings before deleting your messages. You must also act quickly, as the messages will be erased after 30 days.

Here are the steps to follow:

  • Open the Samsung Messages app and tap on the three-dot menu icon in the top right corner of the screen.
  • Tap on Settings > Trash.
  • Select the conversation that contains the messages you want to recover.
  • Tap on Restore and confirm your choice.
  • Check if your messages are back in the conversation.

Method 3: Recover Deleted SMS with Third-Party Apps

If none of the above methods work for you, you may still have a chance to recover deleted SMS with third-party apps. These are apps that scan the memory of your phone and try to find and restore all the deleted data, including messages.

However, these apps are not guaranteed to work and may have some drawbacks. For example, some of them may require root access to your phone, which can void your warranty and expose your phone to security risks. Some of them may also charge you fees or display ads. Moreover, some of them may not be compatible with your phone model or Android version.

Therefore, before using a third-party app, make sure to read carefully its reviews, ratings, features, permissions and terms of use. Also backup all the important data on your phone before using an app that can modify or erase them.

Some of the popular third-party apps to recover deleted SMS on Android are:

  • FoneDog Android Data Recovery: This app claims to recover deleted text messages on Android without root. It also supports the recovery of other types of data, like contacts, photos, videos, WhatsApp messages, etc. It offers a free trial version and a paid version.
  • Dr.Fone – Data Recovery (Android): This app claims to be the world’s first Android data recovery software. It supports the recovery of various types of data on Android devices with or without root. It also offers other features, like backup and restore, screen unlock, system repair, etc. It offers a free trial version and a paid version.
  • SMS Backup & Restore: This app is not a recovery app per se, but a backup and restore app. It lets you backup your SMS and call logs on your phone, Google Drive, Dropbox or email. It also lets you restore them on your phone or another phone. It is a free app with ads and in-app purchases.

Statistics on Data Leaks by SMS or RCS

SMS and RCS are widely used communication channels, both for personal and professional exchanges. However, they are not immune to data leaks, which can have serious consequences for users and businesses. To illustrate these risks, here are some statistics:

  • A study by Thales found that 45% of businesses suffered a data breach or failed an audit involving data and applications in the cloud in 2021, up from 35% in 2020.
  • Employee errors were the biggest threat to sensitive or confidential data within their organizations in 2021, according to 47% of respondents in a study by Varonis. This means that employees can delete or send by mistake SMS containing sensitive or confidential data to unauthorized recipients.
  • Infobip reported that 60% of consumers read their SMS within 5 minutes of receiving them. This means that an SMS sent by mistake or intercepted by a third party can be read very quickly and cause harm to its recipient.
  • CM.com revealed that 75% of consumers use SMS to communicate with businesses. This implies that SMS often contain personal or professional information that can be exploited by hackers or competitors.
  • Juniper Research expects the number of RCS messages sent per year to reach 1.9 trillion in 2023. This represents an opportunity for businesses to offer enriched experiences to their customers, but also a challenge to protect these messages from data leaks.

These statistics show that SMS and RCS are popular but vulnerable communication vectors. It is therefore essential to protect your messages from malicious recovery attempts, using a technology like EviCypher NFC HSM. By following this guide, you will learn how to recover and protect your SMS on Android with EviCypher NFC HSM technology.

Real examples of data leaks by SMS or RCS

To illustrate the potentially serious consequences of a data leak by SMS or RCS, here are some real examples from the news. These examples show how important it is to recover and protect your SMS on Android devices. You never know who might try to access your messages and what they might do with them.

  • In 2018, Uber’s CEO, Dara Khosrowshahi, accidentally sent an SMS to a Wall Street Journal reporter instead of a board member. The SMS contained confidential information about Uber’s strategy in Asia and its relationship with SoftBank. The reporter published the SMS in his article, which caused embarrassment and a loss of credibility for Uber. If Uber had used EviCypher NFC HSM technology to recover and encrypt their SMS, they could have avoided this situation.
  • In 2019, François de Rugy, the French Minister of Ecological and Solidarity Transition, was forced to resign after the revelation of his lavish expenses. Among the evidence that incriminated the minister, there were SMS that he had sent to his wife and that were recovered by the magazine Mediapart. The SMS showed that the minister boasted of having organized lavish dinners at the taxpayer’s expense.
  • In 2020, US President Donald Trump was accused of pressuring Ukrainian President Volodymyr Zelensky to investigate his political rival Joe Biden. One of the key pieces of evidence in the impeachment case was an SMS sent by Gordon Sondland, the US ambassador to the European Union, to Bill Taylor, the US chargé d’affaires in Ukraine. The SMS said: “The president has been clear: no quid pro quo of any kind”. This SMS was interpreted as an attempt to conceal the blackmail exerted by Trump on Zelensky.
  • In 2021, the Indian government was accused of spying on journalists, activists and political opponents with the Pegasus spyware. This software allowed infiltrating smartphones and accessing messages, calls, photos and location of the targets. To infect smartphones, the software sent SMS or missed calls containing a malicious link to infiltrate smartphones. Several victims claimed to have received suspicious SMS before their phones were hacked.
  • In 2021, Orange, the French telecommunications group, was victim of a cyberattack that exposed the personal data of 15 million customers. The hackers exploited a flaw in Orange’s platform for sending promotional SMS, which contained information such as names, first names, dates of birth, phone numbers and email addresses of customers. Orange said it had fixed the flaw and filed a complaint against the perpetrators of the attack.
  • In 2021, Signal, the secure messaging service, revealed that Cellebrite, an Israeli company specialized in extracting data from smartphones, was able to decrypt SMS and RCS messages stored on Android devices. Cellebrite sells its tools to law enforcement and government agencies around the world, which poses risks for users’ privacy and security. Signal claimed to have found several flaws in Cellebrite’s software, which would allow compromising its data and analysis.
  • In 2021, WeChat, the Chinese social network, was accused of collecting and sharing user data with the Chinese government. Among the data collected, there were SMS and RCS messages sent and received by users on their Android smartphones. WeChat denied these accusations, but several countries such as India, the United States or Australia have banned or restricted the use of the app for national security reasons.

These examples show how important it is to recover and protect your SMS on Android devices. You never know who might try to access your messages and what they might do with them. That’s why we recommend using EviCypher NFC HSM technology to encrypt your SMS with your own encryption keys stored in a secure NFC device. This way, you can prevent any unauthorized access or interception of your sensitive messages. By following this guide, you will be able to recover and protect your SMS on Android easily and effectively.

How to recover and protect your calls, SMS, MMS and RCS on Android

You may wonder if someone can intercept and listen to your calls, SMS, MMS and RCS on your Android device. The answer is yes, it is possible, but it requires some skills and tools that are not easily accessible to the average user. However, you should be aware of the risks and the methods that hackers, companies or governments can use to spy on your communications. In this section, we will show you how to recover and protect your calls, SMS, MMS and RCS on Android with EviCypher NFC HSM technology.

An IMSI-catcher can capture your signals

An IMSI-catcher is a device that pretends to be a cell tower and captures the signals of nearby phones. It can collect information such as phone numbers, locations, contacts and messages of the targeted phones. It can also redirect or block calls, SMS, MMS and RCS, or modify their content. An IMSI-catcher can be small or large, hidden in a car or a backpack, or cover a wider area.

A data extraction tool can access your memory

A data extraction tool is a software or a hardware tool that can extract data from smartphones, such as Cellebrite, XRY or GrayKey. These tools can connect to a phone via USB or Bluetooth and access its memory, where calls, SMS, MMS and RCS are stored. They can also bypass the phone’s encryption or password protection, and recover deleted data. Law enforcement and government agencies often use these tools, but they can also fall into the wrong hands.

A spy app or a malware can monitor your activities

A spy app or a malware is a program that can be installed on a phone remotely or physically. It can run in the background and monitor all the activities of the phone, including calls, SMS, MMS and RCS. It can also record audio, take screenshots, track location and send all the data to a remote server or an email address. Some examples of spy apps or malware are mSpy, FlexiSPY, Pegasus or NSO Group.

EviCypher NFC HSM technology can encrypt your messages

These are some of the ways that someone can intercept and listen to your calls, SMS, MMS and RCS on your Android device. They are not easy to detect or prevent, but you can take some measures to protect yourself. For example, you can use encrypted apps like Signal or WhatsApp for your communications, avoid clicking on suspicious links or attachments in your messages, update your phone’s software regularly and use a strong password or biometric authentication for your phone. You can also use EviCypher NFC HSM technology to recover and protect your calls, SMS, MMS and RCS on Android with your own encryption keys stored in a secure NFC device. This way, you can prevent any unauthorized access or interception of your sensitive messages.

Why Protect Your Sensitive SMS with EviCypher NFC HSM?

You may have SMS that have a sensitive nature on your Android smartphone. They may be personal, professional or confidential messages that you do not want anyone else to read. But did you know that these messages can be recovered by malicious people who want to spy on your privacy, steal your personal or professional information, or blackmail you?

Indeed, there are data recovery methods that allow you to scan the memory of your phone and find and restore all the deleted data, including messages. These methods can be used by malicious people who have access to your phone or your Google Drive backup.

That is why it is important to protect your sensitive SMS with EviCypher NFC HSM, a technology that allows you to encrypt your messages with your own encryption keys. Thus, even if someone succeeds in recovering your deleted messages, they will not be able to read them without having access to your keys.

How Does EviCypher NFC HSM Work?

EviCypher NFC HSM is based on EviCore NFC HSM, which is a hardware security module that combines hardware encryption and NFC communication protocols to protect your keys and secrets. EviCypher NFC HSM allows you to store, manage, share and use encryption keys for various web services, such as email, online storage, cryptocurrency wallets, etc. It also allows you to encrypt and decrypt your SMS with your own keys.

EviCypher NFC HSM works with any Android smartphone with NFC capability. You can use different types of NFC devices, such as cards, stickers, keychains, etc. These devices are battery-free and powered by the NFC signal from your phone.

To use EviCypher NFC HSM to encrypt your SMS, you need to install the Freemindtronic (FMT) app on your phone and pair it with the NFC device that contains your encryption keys. Then, you can use the app to encrypt and decrypt your SMS with a simple gesture.

Here are the steps to follow:

  • Download and install the FMT app from the Google Play Store or the Apple App Store.
  • Launch the app and follow the instructions to create your account and set up your security settings.
  • Tap on the NFC icon in the app and select the option to pair a new NFC device.
  • Bring your phone close to the NFC device that contains your encryption keys. The app will detect the device and ask you to confirm the pairing.
  • Once the pairing is done, you can see your encryption keys in the app. You can also create, import or export new keys if you want.
  • To encrypt an SMS, open the FMT app and tap on the SMS icon. Select the contact you want to send an encrypted SMS to. Type your message and tap on the lock icon. The app will ask you to bring your phone close to the NFC device to encrypt your message with your key. Then, tap on the send icon to send your encrypted SMS.
  • To decrypt an SMS, open the FMT app and tap on the SMS icon. Select the contact you received an encrypted SMS from. Tap on the encrypted message and tap on the unlock icon. The app will ask you to bring your phone close to the NFC device to decrypt your message with your key. Then, you can read your decrypted SMS.

Click [here] to learn how EviCypher NFC HSM technology works.
Then click [here] to learn more about EviCypher NFC HSM technology.

What Are the Benefits of EviCypher NFC HSM?

Using EviCypher NFC HSM offers several benefits to protect your SMS:

  • It is easy to use and contactless. You do not need to type or remember passwords or codes. You just need to bring your phone close to the NFC device.
  • It is secure and anonymous. Your encryption keys are never stored or transmitted online. They are only stored in the NFC device and used in the volatile memory of your phone. No one can access or trace them without having physical access to the device.
  • It is flexible and versatile. You can use different encryption keys for different purposes and share them with other people securely. You can also use EviCypher NFC HSM for other web services besides SMS.

In conclusion

In this article, you have learned how to recover and protect your SMS on Android. You have discovered different methods to restore your messages erased by mistake or maliciously, as well as the risks and limitations of these methods. You have also understood how to secure your sensitive messages with EviCypher NFC HSM, an innovative technology that allows you to encrypt your messages with your own encryption keys. Finally, you have learned some statistics and examples that show the importance of protecting your personal or professional data from data leaks by SMS or RCS.

We hope this article has helped you to recover and protect your SMS on Android with ease. By using EviCypher NFC HSM technology, you can recover and encrypt your SMS with your own encryption keys stored in a secure NFC device. This way, you can prevent any unauthorized access or interception of your sensitive messages. If you have any questions or feedback, please feel free to contact us

 

Coinbase blockchain hack: How It Happened and How to Avoid It

Coinbase Blockchain Hack 2023 How it happened and how to avoid it

Coinbase blockchain hack by Jacques Gascuel: This article will be updated with any new information on the topic.  

The Crypto Nightmare

Imagine waking up one day and finding out that your hard-earned cryptocurrencies have been stolen by hackers who exploited a flaw in the blockchain platform you trusted. That’s what happened to thousands of users of Coinbase, one of the largest and most popular crypto platforms in the world, in August 2023. In this article, we will explain how this hack occurred, what were its consequences.

2024 Digital Security

Europol Data Breach: A Detailed Analysis

2024 Cyberculture Digital Security News Training

Andorra National Cyberattack Simulation: A Global First in Cyber Defense

2024 Digital Security

Apple M chip vulnerability: A Breach in Data Security

2024 Digital Security

Cybersecurity Breach at IMF: A Detailed Investigation

2024 DataShielder Digital Security PassCypher Phishing

Midnight Blizzard Cyberattack Against Microsoft and HPE: What are the consequences?

2024 Digital Security

PrintListener: How to Betray Fingerprints

How to Prevent Coinbase Blockchain Hack with EviVault NFC HSM Technology

What happened to Coinbase Chain?

The hack and its consequences

On August 5, 2023, Coinbase announced that it had been the victim of a massive hack that compromised its decentralized blockchain, resulting in the loss of more than $200 million worth of cryptocurrencies. The hackers exploited a flaw in the consensus protocol of the chain, which used a proof-of-stake (PoS) mechanism. By creating fake proofs of stake, the hackers controlled more than 51% of the computing power of the network. This allowed them to alter the transaction history and steal the funds from the users.

This hack is one of the largest and most sophisticated in the history of cryptocurrencies. It exposes the risks and challenges associated with the security of decentralized blockchains, which rely on the trust of the users and the verification of the transactions by the nodes of the network. Some experts say the hack of Coinbase Chain could damage the reputation and credibility of Coinbase, as well as the confidence of the investors and regulators in cryptocurrencies in general.

The response and the apology

Coinbase reacted quickly and took steps to stop the hack, identify the culprits, reimburse the victims and improve the security of its blockchain. Coinbase promised to reimburse all the users affected by the hack within 30 days and to strengthen the security of its decentralized blockchain. The company also apologized to its customers and to the crypto community for this incident.

Coinbase also announced that it would launch a bug bounty program to reward anyone who finds and reports vulnerabilities in its systems or products. The company said that it would pay up to $1 million for critical bugs that could compromise its platform or users’ funds. Coinbase also encouraged its users to enable two-factor authentication (2FA) and use hardware wallets or cold storage devices to protect their cryptocurrencies.

What is proof-of-stake (PoS) and how was it hacked?

The concept of PoS

Proof-of-stake (PoS) is a type of consensus mechanism or protocol that uses the amount of stake (or value) held in the system to determine consensus. In essence, a consensus protocol is what controls the laws and parameters governing the behavior of blockchains. Think of consensus as a ruleset that each network participant adheres to.

In PoS, the nodes of the network commit “stakes” of tokens for a set period of time in exchange for a chance at being selected to produce the next block of transactions. The selection process is usually random, but weighted by the size of the stake. The more tokens a node stakes, the higher its probability of being chosen as a block producer. The block producer then validates the transactions and broadcasts them to the rest of the network. The other nodes check the validity of the block and vote on whether to accept it or not. If a majority of nodes agree on the block, it is added to the blockchain and the block producer receives a reward in the form of transaction fees or newly minted tokens.

The advantages of PoS

PoS is designed to be more secure, efficient, and scalable than proof-of-work (PoW), which is another type of consensus mechanism that requires nodes to solve complex mathematical problems to produce blocks. PoW consumes a lot of energy and computing power, which makes it vulnerable to attacks and environmental issues. PoS, on the other hand, relies on economic incentives rather than computational resources, which makes it more eco-friendly and resistant to attacks.

The vulnerability of PoS

However, PoS is not immune to hacking, as demonstrated by the recent incident involving Coinbase Chain, a decentralized blockchain project launched by Coinbase, one of the largest and most popular cryptocurrency platforms in the world. According to a report published by Coinbase, hackers exploited a flaw in the consensus protocol of Coinbase Chain, which used a PoS mechanism. By creating fake proofs of stake, they controlled more than 51% of the computing power of the network. This allowed them to alter the transaction history and steal funds from users.

The flaw in Coinbase Chain’s consensus protocol was related to how it handled forks, which are splits in the blockchain caused by conflicting versions of blocks. Normally, when a fork occurs, the network follows the longest chain, which is assumed to be the most valid one. However, in Coinbase Chain’s case, the hackers created a longer chain by generating fake proofs of stake and tricking the network into accepting their version of blocks. This way, they reversed or modified previous transactions and double-spent their coins.

This hack shows that PoS is not foolproof and that it requires careful design and implementation to ensure its security and reliability. It also highlights the importance of using trusted and tested platforms and protocols for building decentralized applications and smart contracts on blockchains.

What are the statistics of crypto hacks?

The trends: DeFi frauds rise while overall crime drops

Coinbase blockchain hack is not an isolated case. Crypto hacks have been happening since the inception of cryptocurrencies, and they have caused significant losses for investors, traders, and platforms. According to a report by CipherTrace, a blockchain analytics firm, crypto-related crime dropped by 57% in 2020 compared to 2019, but still amounted to $1.9 billion in losses.

However, while overall crime decreased, one sector saw a surge in frauds: decentralized finance (DeFi). DeFi is a term that refers to various financial applications that run on blockchains without intermediaries or central authorities. DeFi platforms offer services such as lending, borrowing, trading, investing, and staking cryptocurrencies. DeFi has grown rapidly in popularity and value in recent years, reaching over $100 billion in total value locked (TVL) as of August 2021.

However, DeFi also poses significant risks and challenges for users and regulators. DeFi platforms are often unregulated, unaudited, and vulnerable to hacking, exploitation, or manipulation. According to CipherTrace, DeFi-related hacks accounted for 45% of all crypto thefts in 2020, totaling $129 million. In 2021, this trend has continued, with DeFi hacks reaching $361 million in the first half of the year. Some of the most common types of DeFi hacks are:

  • Flash loan attacks: A flash loan is a type of loan that allows users to borrow large amounts of crypto without collateral for a very short period of time (usually one transaction). Hackers can use flash loans to manipulate prices or liquidity on DeFi platforms and profit from arbitrage or liquidation opportunities.
  • Reentrancy attacks: A reentrancy attack is a type of attack that exploits a vulnerability in a smart contract that allows an attacker to repeatedly call a function before it finishes executing. This can result in multiple withdrawals or transfers of funds from the contract without proper checks or balances.
  • Oracle attacks: An oracle is a service that provides external data to smart contracts on blockchains. For example, an oracle can provide price information for different assets or currencies. Hackers can manipulate or compromise oracles to feed false or inaccurate data to smart contracts and cause them to execute malicious actions or transactions.

The examples: some of the biggest crypto hacks in history

Coinbase blockchain hack is one of the largest and most sophisticated crypto hacks in history, but it is not the only one. Here are some other examples of notorious crypto hacks that have occurred over the years:

The following table shows some of the biggest crypto hacks in history, based on the amount stolen and the date of occurrence:

Platform Date Amount stolen Type of hack
Mt.Gox 2014 850,000 Bitcoins ($450 million) Unknown
DAO 2016 3.6 million Ether ($60 million) Reentrancy attack
Bitfinex 2016 120,000 Bitcoins ($72 million) Security breach
Coincheck 2018 523 million NEM ($530 million) Security breach
Binance 2019 7,000 Bitcoins ($40 million) Security breach
KuCoin 2020 $281 million Security breach
Poly Network 2021 $610 million Exploit

The latest news on the Coinbase blockchain hack

Since the announcement of the hack, there have been some developments and updates on the situation. Here are some of the latest news on the Coinbase blockchain hack:

  • Hackers return some of the stolen funds: Hours after the hack, the attackers started returning some of the funds – first in small amounts and then in millions. They started sending back small transfers totalling a few dollars to the online wallets controlled by Poly – but then began making much larger deposits, totalling hundreds of millions. The reason for this is unclear, but some speculate that it could be due to pressure from law enforcement, remorse, or fear of being tracked.
  • Coinbase identifies the perpetrators: Coinbase claimed that it had identified the perpetrators of the hack, whom it called “brigands” and that it intended to sue them. The company did not disclose their identities or locations, but said that it was working with authorities to bring them to justice. Coinbase also said that it had evidence that the hackers were not affiliated with any state or organization.
  • Coinbase launches a bug bounty program: Coinbase announced that it would launch a bug bounty program to reward anyone who finds and reports vulnerabilities in its systems or products. The company said that it would pay up to $1 million for critical bugs that could compromise its platform or users’ funds. Coinbase also encouraged its users to enable two-factor authentication (2FA) and use hardware wallets or cold storage devices to protect their cryptocurrencies.

These are some of the latest news on the Coinbase blockchain hack. We will keep you updated on any further developments as they happen.

How could this hack have been prevented?

The solution: EviVault NFC HSM

One of the possible ways to prevent this type of hack is to use a technology developed by Freemindtronic, an Andorran company specialized in NFC security solutions. This technology is called EviVault NFC HSM, and it allows for physical offline secure storage of blockchain private keys, cryptocurrencies, wallets, Bitcoin, Ethereum, NFTs, Smart Contracts.

EviVault NFC HSM uses NFC (Near Field Communication) technology to communicate with an Android smartphone and allows access to cryptographic assets with a simple gesture. EviVault NFC HSM is protected by two patents by Jacques Gascuel: wireless access control and segmented key authentication. It integrates EviCore HFC HSM technology developed by Freemindtronic and compatible with EviCore HSM technology.

EviVault NFC HSM comes in different shapes and formats, such as EviTag NFC keychain, EviCard PVC or PCB card, EviPins or EviCard 2 Gen card with two NFC chips on PCB. The latter can store up to 200 blockchain private keys with automatic public address generator. It supports all private keys and derived blockchain keys. And it allows managing with public addresses Bitcoin BTC Ethereum Cash ECASH Namecoin NMC Bitcoin cash BCH Ethereum Classic ETC ReddCoin RDD Bitcoin Gold BTG Ethereum Gold ETG Ripple XRP Dash DASH Ethereum lite ELITE Solar Coin SLR Digibyte DGB Feather Coin FTC Stellar XLM Dogecoin DOGE IOTA Verge XVG Ethereum ETH Litecoin LTC TRON TRX Cardano ADA Polkadot DOT Binance Coin BNB.

EviVault NFC HSM is the ultimate solution to protect all cryptographic asset keys from hackers, theft or loss. Its private keys are stored in EviVault’s EPROM memory, encrypted by an AES 256-bit algorithm. EviVault NFC HSM also benefits from a patented contactless access control system that allows defining two distinct access profiles: administrator and users, without allowing them to access each other’s secrets without their authorization. EviVault NFC HSM also has a patented segmented key authentication system that allows defining up to 9 trust criteria for encrypting its secrets, such as geolocation, BSSID, password or fingerprint.

By using EviVault NFC HSM technology, coinbase users could have secured their funds by storing them in an offline NFC device that offers a high level of protection and encryption for their keys and secrets. They could have avoided the risk of hacking, theft or loss of their cryptocurrencies, and have full control over their digital assets without depending on a centralized platform. They could also enjoy ease of use and speed of transaction thanks to NFC technology, which allows communicating with their Android smartphone and accessing their cryptographic assets with a simple gesture. EviVault NFC HSM is therefore a revolutionary technology for the security of coinbase and cryptocurrencies in general.

Click [here] for more information on EviVault NFC HSM Technology
Click [here] for more information on EviCore NFC HSM Technology

The alternative: EviSeed NFC HSM

Another technology that can provide security against this hacking of Coinbase is EviSeed NFC HSM, also developed by Freemindtronic. EviSeed NFC HSM is a technology that lets you store your crypto seed phrase in a simple, efficient and durable way. A seed phrase is a sequence of words, usually 12 or 24, that serves as a recovery key for your crypto wallet. If you lose your seed phrase, you lose access to your funds. If someone steals it, they can access your wallet and divert your funds.

EviSeed uses the standards of the BIP (Bitcoin Improvement Proposal) formats, especially the BIP39, to generate, enter or scan seed phrases without error thanks to a checksum control. EviSeed allows you to back up your seed phrases encrypted with your own encryption keys that can be segmented according to an implementation of the invention patent on segmented key authentication. You can use any type of fixed or removable media to store your seed phrases, including Freemindtronic’s NFC HSM devices, which are contactless hardware security modules. EviSeed also generates a QR code containing your encrypted seed phrase, which you can print, share, send or save between NFC HSMs by scanning the QR code encrypted in RSA 4096.

EviSeed offers you several advantages over traditional methods of storing seed phrases, such as paper, metal or digital media. EviSeed is simple: you don’t need to write or engrave your seed phrase, just scan it with the EviSeed app and transfer it to the media of your choice. EviSeed is efficient: you don’t need to memorize or type your seed phrase, just scan it with your smartphone to restore your wallet. EviSeed is durable: the media you choose to store your seed phrase can be resistant to water, fire, shocks and scratches. It does not deteriorate over time.

By using EviSeed NFC HSM technology, coinbase users could have backed up their seed phrases securely and conveniently. They could have restored their wallets easily in case of loss or theft of their devices. They could have also protected their seed phrases from physical or digital attacks thanks to the encryption and segmentation features of EviSeed.

Click [here] for more information on EviSeed NFC HSM

In conclusion

The hack of Coinbase’s decentralized blockchain was a major event that exposed the vulnerabilities and challenges of decentralized platforms. The hackers exploited a flaw in the proof-of-stake consensus protocol of Coinbase Chain and stole more than $200 million worth of cryptocurrencies from the users. Coinbase reacted quickly and took steps to stop the hack, identify the culprits, reimburse the victims and improve the security of its blockchain.

However, this hack could have been prevented by using EviVault NFC HSM technology, which allows for physical offline secure storage of blockchain private keys and cryptocurrencies. EviVault NFC HSM is a patented technology developed by Freemindtronic that offers a high level of protection and encryption for cryptographic asset keys, as well as ease of use and speed of transaction thanks to NFC technology.

This article shows that proof-of-stake is not foolproof and that it requires careful design and implementation to ensure its security and reliability. It also highlights the importance of using trusted and tested platforms and protocols for building decentralized applications and smart contracts on blockchains. Moreover, it demonstrates that EviVault NFC HSM is a revolutionary technology for the security of coinbase and cryptocurrencies in general.

Therefore, we recommend that coinbase users adopt EviVault NFC HSM technology to protect their funds from hacking, theft or loss. We also suggest that coinbase developers review their consensus protocols and implement best practices to prevent future attacks. Finally, we urge coinbase regulators and policymakers to establish clear standards and guidelines for ensuring the safety and integrity of decentralized platforms.