New research suggests that hackers could target Google’s physical security keys that might break into user devices and steal personal information.
Security experts have discovered a security vulnerability affecting the hardware contained in the Google Titan and YubiKey security keys that has become popular with users looking for that extra level of protection.
The mistake is exposing the encryption keys used to protect a device and leaving it unsecured and open to attack from outside sources.
The results come from Victor Lomne and Thomas Roche, researchers at the Montpellier-based NinjaLab, who have all versions of Google’s Titan Security Key, Yubico Yubikey Neo and several Feitian FIDO devices (Feitian FIDO NFC USB-A / K9, Feitian MultiPass FIDO ) examined / K13, Feitian ePass FIDO USB-C / K21 and Feitian FIDO NFC USB-C / K40)
The duo discovered a bug that could allow hackers to recover the primary encryption key used by the encryption device to generate cryptographic tokens stored in …