Ledger has discovered a security flaw in the Trezor Safe 3 and Safe 5 wallets that could allow users to remotely steal funds.
Ledger has discovered a security flaw in the #Trezor Safe 3 and Safe 5 wallets that could allow users to remotely steal funds.
The microcontroller is vulnerable to power surge attacks, and hackers could modify the firmware and steal private keys.
Trezor's authentication system only checks the protected elements, not the microcontroller, so attacks on the firmware are undetectable.
the latest Trezor Safe 3 and Safe 5 hardware wallets The Safe 3 and Safe 5 hardware wallets have serious security problems, according to a #Ledger report released March 12.
According to the same report, Ledger's security research team, Donjon Donjon, despite Trezor's move to a dual-chip design that includes an EAL6-certified secure element, found numerous vulnerabilities in the wallets that could allow hackers to remotely access user funds.
The flaw occurred despite Trezor's move to a dual-chip design that includes an EAL6-certified secure element. Although the secure element protects the PIN and #private key, Ledger reports that all cryptographic operations are still performed on the microcontroller, making it vulnerable to power surge attacks.
Trezor will release Safe 3 in late 2023 and Safe 5 in mid-2024, and both wallets will be
This update also adds Infineon's Optiga Trust M security element, which is a PIN or encrypted code. This will be a special chip for storing PINs and encrypted secrets; according to research
Leisure, this security element prevents access to sensitive data until the correct PIN is entered. It also blocks hardware attacks such as voltage glitches, which have been used to extract initial phrases from models such as the Trezor One and Trezor T.
However, despite these improvements, according to research by Ledger Donjon, The microcontroller used in
Safe 3 and Safe 5 is labeled TRZ32F429, but it is actually
Read us at: Compass Investments