Oddbean new post about | logout
 Older YubiKeys Vulnerable to Sophisticated Cloning Attacks - Report

- The attack requires $11,000 in equipment and advanced electrical and cryptographic knowledge, likely limiting it to nation-states or similar entities in targeted scenarios. The risk of widespread attacks is extremely low.

- YubiKeys with firmware before version 5.7 (released in May with a custom cryptolibrary) are vulnerable. Firmware updates aren't possible, so affected YubiKeys remain permanently at risk.

https://www.nobsbitcoin.com/older-yubikeys-vulnerable-to-cloning-attacks/