New ESP32 Chip Flaw Lets Hackers Steal Bitcoin Keys from Popular Wallets

A dangerous security flaw has been discovered in the Chinese-manufactured ESP32 chip, a microcontroller embedded in billions of IoT devices, including several popular crypto wallets.

Cybersecurity firm Crypto Deep Tech found the vulnerability, which was officially cataloged as CVE-2025-27840 in March. This bug allows attackers to forge cryptographic signatures and steal private keys without users' knowledge.

ESP32 Chip Vulnerability Targets Core Cryptographic Operations

Researchers revealed that the flaw stems from multiple weaknesses in the ESP32 architecture, including a weak pseudo-random number generator (PRNG) that makes cryptographic keys dangerously predictable and a failure to reject invalid private keys (≤ 0).

Cryptographic flaws in ESP32 chip/ Source: Crypto Deep Tech

These design lapses make the chip vulnerable in crypto use cases.

"The ESP32 acts as a gateway to sensitive networks and cryptographic credentials," the report warns.

Wallets like Blockstream Jade face high risks. Attackers can also exploit the chip's Bluetooth and Wi-Fi capabilities to spoof MAC addresses, manipulate memory, and inject malicious code to steal Bitcoin keys.

In one simulated attack, researchers extracted the private key to a wallet containing 10 BTC without alerting the owners.

One of the exploit’s most alarming aspects is the electrum_sig_hash function, which is used in Electrum-based wallets.

The function's flawed logic allows attackers to exploit non-standard message formatting and generate forged ECDSA signatures that validate legitimate Bitcoin transactions.

Due to the ESP32's support for message prefixing, Bitcoin addresses can be encoded before applying double SHA256 hashing, bypassing typical safeguards and allowing forgery.

Wider Implications Beyond Crypto Wallets

ESP32 chips are embedded in millions of smart home devices, routers, and automation systems. Experts warn that the bug could lead to massive state-level cyberattacks and supply chain compromises.

"This is not just about Bitcoin. It's about the security of the internet-connected world," the researchers stated.

Although commercial wallets like Ledger and Trezor incorporate enhanced security, they are not invincible.

A March 13 security audit by Ledger found that Trezor's Safe 3 and Safe 5 models are vulnerable to supply chain attacks due to their reliance on microcontrollers for key verification and cryptographic operations.

Despite including secure elements, operations such as transaction signing are still carried out on potentially vulnerable microcontrollers.

At @Ledger, you might know that we have the @DonjonLedger, our dedicated team constantly conducting open security research.

We recently worked with Trezor, revealing that their Trezor Safe 3 was susceptible to physical supply chain attacks. Here's a thread on our findings: