According to BlockBeats, on August 9, the latest report showed that security researchers have discovered a new attack mechanism called "Dark Skippy", which hackers can use to extract private keys from Bitcoin hardware wallets with only two signature transactions. The vulnerability may affect all hardware wallet models, but it will only work if the victim is tricked into downloading malicious firmware.

The previous version of Dark Skippy required dozens of transactions to work, while the new version of Dark Skippy only requires a few transactions to execute. In addition, the attack can be performed even if the user relies on a separate device to generate a mnemonic.

The disclosure report was published by Lloyd Fournier, Nick Farrow and Robin Linus. Fournier and Farrow are co-founders of hardware wallet manufacturer Frostsnap, while Linus is a co-developer of Bitcoin protocols ZeroSync and BitVM. (Cointelegraph)