Head Topics

It’s Possible to Clone YubiKeys Thanks to a Newly Discovered Vulnerability

United States News News

It’s Possible to Clone YubiKeys Thanks to a Newly Discovered Vulnerability
United States Latest News,United States Headlines
  • 📰 Gizmodo
  • ⏱ Reading Time:
  • 50 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 23%
  • Publisher: 51%

If you’ve got several hours, lots of technical knowledge, and an oscilloscope, you can clone a YubiKey.

Yubico security keys are shown at ShowStoppers during the 2017 Consumer Electronic Show in Las Vegas, Nevada on January 5, 2017.Security researchers have discovered a vulnerability in YubiKey 5 that would allow a dedicated and resourceful hacker to clone the device. AsMillions of people use YubiKeys as part of a multi-factor authentication system to keep sensitive accounts locked down.

According to NinjaLab, the vulnerability impacts all YubiKey 5s using firmware 5.7 or below as well as “all Infineon security microcontrollers that run the Infineon cryptographic security library.” NinjaLab tore down a key, hooked it up to an oscilloscope, and measured the tiny fluctuations in the electromagnetic radiation put out by the key while it was authenticating.

“Note that the cost of this setup is about ,” NinjaLab said. Using a fancier oscilloscope could push the cost of the whole operation up an additional $30,000. NinjaLab stressed repeatedly in its research that exploiting this vulnerability takes extraordinary resources. “Thus, as far as the work presented here goes, it is still safer to use your YubiKey or other impacted products as FIDO hardware authentication token to sign in to applications rather than not using one,” it said.The feature will make its way out to Windows beta testers in October, and Microsoft claims security is its ‘top priority.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

Gizmodo /  🏆 556. in US

United States Latest News, United States Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Some YubiKeys have an unfixable vulnerability that’s hard to exploitSome YubiKeys have an unfixable vulnerability that’s hard to exploitSecurity researchers have detected a vulnerability in YubiKey two-factor authentication tokens that enables attackers to clone the device if they get their hands on it.
Read more »

Star Wars: 10 Things You Never Knew About The Clone WarsStar Wars: 10 Things You Never Knew About The Clone WarsHow well do you know your Clone Wars?
Read more »

I'm So Tired Of Star Wars Animation Getting Overlooked & ForgottenI'm So Tired Of Star Wars Animation Getting Overlooked & ForgottenAhsoka crossing her arms in Star Wars: The Clone Wars season 7 (2020) between blurred posters of The Mandalorian (2019-) and The Clone Wars (2008)
Read more »

This hand-crampingly tiny GBA clone has a 0.85-inch screenThis hand-crampingly tiny GBA clone has a 0.85-inch screenThe $49 Thumby Color looks like a miniature version of the Nintendo Game Boy Advance, but unlike other retro handhelds on the market, it’s not powerful enough to play classic GBA games.
Read more »

How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID KeycardsHow Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID KeycardsA team of researchers have developed a method for extracting authentication keys out of HID encoders, which could allow hackers to clone the types of keycards used to secure offices and other areas worldwide.
Read more »

This parasite uses a clone army to suck out the guts of its enemiesThis parasite uses a clone army to suck out the guts of its enemiesAttack of the clones? Scientists think this is the first known example of a soldier caste in flatworms.
Read more »



Render Time: 2025-02-28 14:25:47