Verbatim USB Drive’s Security Update: Brute Force Your Way to Data!
The Verbatim Keypad Secure USB drive, despite its AES 256-bit encryption, is vulnerable to offline brute-force attacks. With the latest update, it’s like locking your front door but leaving the windows open. The drive’s design flaw allows attackers to guess passcodes and access encrypted data, giving new meaning to “secured by design.”
Hot Take:
When it comes to Verbatim’s Keypad Secure USB drive, it seems like the only thing “secure” is how securely it locks you out after you’ve accidentally misremembered your passcode 20 times. But don’t worry, hackers with a knack for offline brute-force attacks have you covered—they can crack it wide open faster than you can say “AES-XTS-256”!
Key Points:
- The Verbatim Keypad Secure USB drive, despite its AES 256-bit encryption, is vulnerable to offline brute-force attacks.
- This vulnerability is due to insecure design, even after the latest security update.
- The attack method involves generating derived AES-XTS keys for all possible passcodes.
- Matthias Deeg of SySS GmbH demonstrated the vulnerability with a custom brute-forcing tool.
- There’s currently no solution for this security issue, leaving users’ encrypted data at risk.
Already a member? Log in here