Category: Crypto
Difficulty: Medium
Author: nullableVoid*#7225
"We have been notified by our customers that unauthorised code has been executed on devices using a cryptographic oversight, likely by an Australian APT. We are deeply sorry, and will aim to work with affected customers and law enforcement. For the time being, we urge our customers to update to the latest version (6.9) which uses the more sophisticated ECDSA scheme facilitated by government-approved cryptography (P-256) and also provides an audit log for incident response."