Crypto Vulnerability Allows Cloning of YubiKey Security Keys


The “Eucleak” vulnerability, discovered by NinjaLab, allows attackers to clone YubiKey security keys through a side-channel attack on an Infineon cryptographic library. By accessing the device physically and measuring electromagnetic signals during cryptographic operations, attackers can infer private keys and clone the device for targeted account access. Yubico has issued a security advisory and is transitioning to a different cryptographic library to address this issue. Devices running newer firmware versions are not affected.

Read More


thumb-image

Solutions