Implausible Deniability on Nostr: Urgent for Blockstream Jade and Trezor 3 users: Security researchers discover ...
Urgent for Blockstream Jade and Trezor 3 users:
Security researchers discover critical vulnerability (CVE-2025-27840) in ESP32 chip, used in several renowned bitcoin hardware wallets.
This vulnerability allows attackers to forge ECDSA signatures and make unauthorized transactions, according to Crypto Deep Tech.
Block stream Jade's exploit is through its Bluetooth and WiFi capability.
Trezor is a supply chain exploit, where malicious actors can steal keys before reaching the end user.
Published at
2025-04-17 12:55:33Event JSON
{
"id": "54cfadf8038016a3ba20f025aff7cb13a1ab3de5ce011c102c766faedf6e098f",
"pubkey": "046990634363739961d3afa4fc2241d6f665acd124a23fc189ac704d74e4d092",
"created_at": 1744894533,
"kind": 1,
"tags": [
[
"r",
"https://image.nostr.build/c0d9d493aba0363852aac1ddc0213dd0bda81d026eef87c486532717e9708418.jpg"
],
[
"imeta",
"url https://image.nostr.build/c0d9d493aba0363852aac1ddc0213dd0bda81d026eef87c486532717e9708418.jpg",
"x b5dc7c0e0154d21fdd16b5a38ac7734f6cf03972183593891d80864aa213b6c5",
"size 250429",
"m image/jpeg",
"dim 1170x1976",
"blurhash ]4A^OK~q00ay00-;Rj%Moft79FRjxuof%MWBRjWBWBt7RjRjWBM{xu?bRjRjWBfQ4nt7xuM{%MD%xut7M{xu00IU%Mxu%M",
"ox b5dc7c0e0154d21fdd16b5a38ac7734f6cf03972183593891d80864aa213b6c5",
"alt "
]
],
"content": "Urgent for Blockstream Jade and Trezor 3 users:\n\nSecurity researchers discover critical vulnerability (CVE-2025-27840) in ESP32 chip, used in several renowned bitcoin hardware wallets.\n\nThis vulnerability allows attackers to forge ECDSA signatures and make unauthorized transactions, according to Crypto Deep Tech.\n\nBlock stream Jade's exploit is through its Bluetooth and WiFi capability.\n\nTrezor is a supply chain exploit, where malicious actors can steal keys before reaching the end user.\n\nhttps://image.nostr.build/c0d9d493aba0363852aac1ddc0213dd0bda81d026eef87c486532717e9708418.jpg",
"sig": "5418d059a555236d0dfd9a5896820c9db44febf38a6558a3b3a779dcae44e6e0d150b1a63b5216fa74fc7cb178b20996e44e0b2a33b4de6ff5902139595c850d"
}