CertiK reveals critical vulnerability in mobile device Trusted Execution Environment (TEE)
CertiK tested devices equipped with TEE-based dedicated wallets, revealing a major vulnerability in the trusted execution environment (TEE) of mobile devices. TEE has always been considered the ultimate defense for device security, requiring users to access TEE wallets through a PIN code when setting up wallets in "secure mode" on the device. However, CertiK's test results show that attackers can easily extract the PIN code stored in the TEE, and then access the wallet and obtain the private key, successfully stealing assets. The manufacturer of the test device quickly contacted CertiK and fixed the problem with the TEE seed library in the latest version. CertiK emphasized that Web3 users must remain highly vigilant and guard against implementation flaws in security measures. When necessary, professional third-party security audits and technologies should be sought to protect their assets.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
WisdomTree has filed for a Delaware trust to launch an XRP ETF
Avalanche launches Avalanche9000 testnet to reducing costs and enable permissionless L1s
Visionary or 'financial comedy'? Market participants weigh MicroStrategy's stock premium amid bitcoin buying spree
MicroStrategy, with a market cap of around $85 billion, currently holds 331,200 bitcoin worth about $30 billion.The stock’s 440% year-to-date surge has baffled some financial pundits, while others have cheered its corporate strategy.
Congress’s top priorities this lame duck session
Here’s a look at what lawmakers are most focused on in these final weeks of the 118th Congress
Trending news
MoreCrypto prices
More
