News

Trezor Responds to Ledger Report on Its Wallet Vulnerabilities

The team behind the Trezor hardware wallet has addressed the vulnerabilities exposed by rival hardware wallet manufacturer Ledger. On March 11, Ledger released a report that detailed 5 vulnerabilities in the Trezor wallet.

Ledger has a division that focuses on finding exploits and bugs in its own and competitor’s wallets. Attack Lab, the team that found the flaws, noticed several possible attack opportunities in the Trezor wallet.

The two most notable are that the Trezor wallet can be exploited by injecting the device with malware and re-sealing it in its box. The team also guessed the PIN number of the device through a side channel attack.

The report read:

The analysis encompassed both of Trezor’s hardware wallets (Trezor One, Trezor T), focusing on the Trezor One. It also applies to clones of Trezor wallets. We responsibly disclosed these vulnerabilities to the vendor, allowing them to take appropriate measures for protecting their users.

Trezor responded almost immediately, responding the day after on March 12. The Trezor team stressed that none of the vulnerabilities discovered were exploitable remotely, and some of them have been patched.

Source: Trezor blog

They also say that all of the attacks require physical access to the device, specialized equipment and technical expertise. Trezor refers to a survey conducted by Binance, which concluded that two-thirds of respondents perceive remote attacks as the most threatening.

Trezor concluded by saying that no wallet is 100% safe:

This whole episode is a valuable lesson for us. We need to communicate something that we already know: No hardware is unhackable, and depending on what your security model is, there are tools which you can use to mitigate threats. For users who are wary of physical attacks, passphrases for plausible deniability and operational security are the way to go. For users who are concerned about remote attacks, nothing changes.

Abhimanyu Krishnan

Abhimanyu is an engineer on paper but a writer by living. To him, the most celebratory aspect of blockchain technology is its democratic nature. While he’s hodling, he can be found reading a good book or making the local dogs howl with the sound of his guitar playing.

Share
Published by
Abhimanyu Krishnan

Recent Posts

Is A Silicon City Tech Giant Behind BlockDAG Network As Its $11.4M Presale Outcasts Floki Inu Price Surge Amid BOME Fluctuation

With Floki Inu's next bull run approaching, investors are closely monitoring its innovative token burn…

2 weeks ago

BlockDAG Becomes Top Crypto Investment Choice with $9.9M Presale, Beating Fantom & Apecoin

BlockDAG (BDAG) has continued to stand out with its innovative presale strategy, offering early investors…

2 weeks ago

Render and Dogecoin Price Predictions Defy Expectations As BlockDAG Emerges as the Highest ROI Crypto for 2024

As we venture into 2024, the crypto market is brimming with potential for unprecedented growth.…

2 weeks ago

Solana’s 20% Trading Spike Sparks BlockDAG Presale Interest While Memeinator Presale Reaches Edge

This analysis contrasts the flourishing momentum of BlockDAG coin's presale against the backdrop of the…

3 weeks ago

CryptoGames Review: Bitcoin and Altcoin Casino

Ever wondered what it is like to experience the extravagant casino vibes in the comfort…

2 years ago