Latest News

Popular Hardware Crypto Wallet OneKey Hacked by Security Firm, Proving Critical Vulnerability

A cybersecurity firm has hacked a popular cryptocurrency wallet, demonstrating to its developers that it contains critical flaws.

Unciphered, a cybersecurity firm, reveals to its YouTube audience in a new video update how they were able to breach the defenses of crypto wallet OneKey and notify its developers of the exploit.

“This is how the hack operates. The CPU and the secure element are both present. Your crypto keys are stored in the secure element. Normally, communications between the CPU, where the processing occurs, and the secure element are encrypted.

It turns out that it wasn’t designed to do so in this space. We discovered this. So you put a tool in the middle that monitors and intercepts communications before injecting [its] own commands.

We did that so that the secure element knows it’s in factory mode and we can take your mnemonics, which is your money in crypto, out. So we enrolled OneKey in their bug bounty program and got them to patch it.”

According to the cybersecurity experts, OneKey was relieved that the exploit was discovered because bad actors could have used it to steal customer funds.

“Things like this are a critical vulnerability. It’s terrible. OneKey was relieved that we brought this to their attention, and that we did so before a malicious actor discovered it and stole people’s crypto.”


Crypto products and NFTs are unregulated and can be highly risky. There may be no regulatory recourse for any loss from such transactions. Crypto is not a legal tender and is subject to market risks. Readers are advised to seek expert advice and read offer document(s) along with related important literature on the subject carefully before making any kind of investment whatsoever. Crypto market predictions are speculative and any investment made shall be at the sole cost and risk of the readers.