Vulnerabilities Are Detected On Trezor Hardware Crypto Wallets
Ledger, a French crypto company producing hardware wallets of the same name, has announced a number of vulnerabilities detected on crypto wallets of its competitor Trezor. Detailed information is published on the Ledger website.
Vulnerabilities on the Trezor devices were found by the specialists of Attack Lab, which is part of Ledger. The department regularly hacks the company's own wallets, as well as competitors' devices, to work further on their security.
In general, several vulnerabilities have been detected. The first one is that the Trezor One and Trezor T models can be easily faked. An attacker can take a wallet out of the box, hack it, plant a virus file, and then reseal it by forging a sticker that protects the device from external access. The Ledger experts claim that it is necessary to reformat the entire design of the company's wallets to eliminate this vulnerability. It is noteworthy that Trezor representatives warned users about the appearance of fake crypto wallets on the market in November 2018.
The second vulnerability is related to the fact that the laboratory staff managed to find the PIN-code for the Trezor crypto wallets. They organized the attack using a third-party channel. The Trezor specialists subsequently dealt with this issue.
The Attack Lab engineers have also discovered a vulnerability related to the possibility of theft of personal data of a crypto wallet user. Having physical access to the Trezor One and Trezor T models, a fraudster can control data and, accordingly, digital assets of owners. The specialists working at the unit propose to fix this with the Secure Element chip.
As previously reported, an American startup VaultTel presented the smallest crypto wallet for cold storage.