Kraken Finds Trezor Hardware Wallet Vulnerability

Share some Bitpinas love:

February 7, 2020 – 15 minutes was all the time it took for Kraken Security Labs to hack the Trezor cryptocurrency wallet. The flaw is ingrained to the hardware wallet itself so it cannot be fixed. However, Kraken and Trezor recommended some tips to make sure the hack will never happen.

In a blog post, Kraken Security Labs, the research firm of Kraken crypto exchange said they were able to exploit a “voltage glitching” on the Trezor One and Trezor Model T Wallets, allowing them to extract “encrypted seeds”, which means they got access to what was supposed to be a very secure hardware. They’ve done this while only having physical access to the hardware for just 15 minutes.

Kraken first publicly announced the security flaw in October 2019, but Trezor was also made aware of the vulnerability beforehand. This vulnerability persists because it is inherent to microcontroller inside Trezor wallets. “The only fix is to put out a new device,” said Kraken Chief Security Officer Nick Percoco.

In a tweet, Trezor responded and said that it is not possible for an attack to happen remotely to the hardware. The attacker must have physical access to the device for them to be able to do it. Additionally, it will not work if users turned on their BIP 39 passphrase.

Some, including Percoco are saying the Passphrase feature must not be optional. Of course, the other is that only the owner of the Trezor should have access to the device.

Source: Kraken via The Block Crypto

This article is published on BitPinas: Kraken Finds Trezor Hardware Wallet Vulnerability


Share some Bitpinas love:

What do you think of this article?

Let us know in the comments below.

Subscribe
Notify of
guest
6 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments

… [Trackback]

[…] Information to that Topic: bitpinas.com/news/kraken-finds-trezor-hardware-wallet-vulnerability/ […]

… [Trackback]

[…] Read More here on that Topic: bitpinas.com/news/kraken-finds-trezor-hardware-wallet-vulnerability/ […]

… [Trackback]

[…] Read More on that Topic: bitpinas.com/news/kraken-finds-trezor-hardware-wallet-vulnerability/ […]

trackback

… [Trackback]

[…] Information on that Topic: bitpinas.com/news/kraken-finds-trezor-hardware-wallet-vulnerability/ […]

trackback

Masum

[…]The info mentioned inside the post are several of the most effective accessible […]

Michael Mislos

A business ad graduate from the Pamantasan ng Lungsod ng Maynila, Mike is the website manager of Bitpinas.com. He is responsible for almost every content you see on the site, from topic/news selection to editing of articles. Mike believes correct information about blockchain and cryptocurrency can empower people to make accurate decisions about the industry, which, in turn, should deter bad actors from taking advantage of crypto & blockchain. [Telegram @mikemislos]