Techly NewsGet the app

Get the latest tech news

YubiKey vulnerability will let attackers clone the authentication device


NinjaLab, a security research company, has discovered a vulnerability that would allow bad actors to clone YubiKeys.

YubiKeys are the most well-known FIDO authentication keys, and they're supposed to make accounts more secure, since users would have to plug it into their computers before they could log in. Bottom line is that users part of government agencies or anybody handling very, very sensitive documents that could make them espionage targets would have to be very careful with their keys. For ordinary users, as researchers wrote in their paper, "it is still safer to use YubiKey or other impacted products as FIDO hardware authentication token to sign in to applications rather than not using one."

Get the Android app

Or read this on Endgadget

Read more on:

Photo of attackers

attackers

Photo of YubiKey

YubiKey

Related news:

News photo

New Eucleak attack lets threat actors clone YubiKey FIDO keys

News photo

EUCLEAK Side-Channel Attack on the YubiKey 5 Series

News photo

The Yubikey Is the Digital Seatbelt We Need

« Astro Bot is virtually flawless and a joyous celebration of gaming
Google’s Nest floodlight camera is a solid $70 off right now »