In this paper, we present a practical power-analysis-based attack on KCipher-2 software implemented on microcontrollers. The key idea of the proposed attack is to exploit a specific Hamming weight (HW) leakage from low-end microcontrollers, or to skip a specific part of the software sequence by fault injection on low-end microcontrollers, in addition to a conventional power analysis available for KCipher-2 hardware. The efficiency and validity of the proposed method are demonstrated through experiment on KCipher-2 software implemented on 8-bit AVR and 32-bit ARM microcontrollers. The proposed attack can reveal the entire 128-bit key of KCipher-2 within a realistic computation cost, while the conventional attack does not. In this paper, we also present a compact countermeasure against the proposed attack on the basis of random masking techniques, which can be implemented on a resource-constrained microcontroller.