Kraken Security Labs has identified a critical security issue in Trezor hardware wallets which enables seeds to be extracted from the devices.
Kraken Finds Flaw in Trezor Wallets
Kraken researchers claim they were able to access Trezor One and T wallet keys by manipulating the voltage in the micro-controller. These hardware components hold vital information, such as seeds, yet are not designed for such purposes. This vulnerability has been understood for some time, and has also been discovered on other hardware wallets.
To exploit this bug, an attacker needs access to the physical device, which limits the seriousness of this threat. Nevertheless, devices designed to crack Trezor wallets using this procedure could easily be made. Overall, the team stated that it only takes 15 minutes to exploit this flaw using specialized equipment.
The Trezor team, however, is already aware of this problem, and were quick to publish a response to Kraken’s findings today. Although this is not the first vulnerability found on Trezor devices, fixing it will likely require a complete hardware redesign.
Wallet Security Remains A Serious Challenge For The Crypto Space
The ability to securely store blockchain assets is an ongoing challenge. Expert opinions differ on the best methods, yet most agree that hardware wallets, kept offline, are the safest means to prevent theft.
There are, of course many quality software wallets available. However, these also come with risks. Of particular concern is desktop wallets, which have been proven to be vulnerable to keyloggers and malware.
To help resolve this issue, crypto custody services such as Baakt and Gemini are now emerging, often with insurance against loss and independent auditing to ensure proper handling of crypto assets. Nevertheless, these services often charge high fees and have drawn the ire of many crypto purists who see them as unnecessary.
Trezor has developed a good reputation for producing quality equipment, and its hardware wallets are in high demand. Thus, it is all but certain that the company will take this current issue very seriously, and find a solution.
It is also worth noting that there are no known cases of crypto theft due to exploiting hardware wallet flaws. Also, the vast majority of cryptocurrency theft is due to user error. If handled properly hardware wallets are extremely secure, and are routinely updated as blockchain technology advances.
What do you think about the latest security flaws found in Trezor wallets? Add your thoughts below!
Images via Amazon Stock Image The post appeared first on Bitcoinist.com. origin »
Специалисты Kraken Security Labs сообщили, что нашли критическую уязвимость в аппаратных кошельках Trezor, открывающую возможность извлечения seed-фразы в течение 15 минут. 🚨It took Kraken Security Labs just 15 minutes to hack both of @trezor’s crypto hardware wallets.
In shocking news, cryptocurrency exchange Kraken’s Security Labs announced that they were able to find a “critical flaw” in Trezor hardware wallets. Kraken Security Labs announced on Friday that they have devised a way to extract seeds from both crypto hardware wallets of Trezor One and Trezor Model T.
The security research team at Kraken has found a way to hack into the popular Trezor bitcoin hardware wallet. In merely 15 minutes with physical access to the device, the team extracted seeds from the wallet.
Руководитель Kraken отметил лучшие примеры для хранения криптовалюты, после взлома Cryptopia, среди которых хранение в холодных кошельках. По словам генерального директора Kraken, Джесси Пауэлла, пользователям не нужно держать больше криптовалюты на биржах, чем может понадобится для активной торговли.
Генеральный директор криптобиржи Kraken Джесси Пауэлл после недавней атаки на платформу Cryptopia призвал инвесторов перевести свои средства на аппаратные кошельки для их автономного хранения. Соответствующее предложение глава торговой площадки разместил на своей странице в Твиттере.
Trezor has launched the Safe 7, a next-generation hardware wallet featuring the world’s first transparent secure element and a quantum-ready architecture. In a press release shared with crypto.news, Trezor announced the launch of the Safe 7, a next-generation hardware wallet…
Производитель аппаратных криптокошельков Ledger представил опцию под названием Recovery Key — физический ключ, позволяющий восстановить доступ к устройствам моделей Stax и Flex.
Crypto hardware wallet provider Trezor has issued a security caution to its users, warning of a new tactic being used by malicious actors to impersonate the company and phish for sensitive information. In a post on June 23 via social…
