Home Fear & Greed Pools Wallets Dictionary Advertise Facebook Twitter Telegram Reddit Youtube
Market Cap:
24h Vol:
Cryptocurrencies: 13105
Markets: 101189
CoinInsight360.com logo CoinInsight360.com logo
ENG
EST
RUS
TUR
DEU
CHI
KOR
ITA
USD
USD
AED
AFN
ALL
AMD
ANG
AOA
ARS
AUD
AWG
AZN
BAM
BBD
BDT
BGN
BHD
BIF
BMD
BND
BOB
BRL
BTN
BWP
BYN
BZD
CAD
CDF
CHF
CLF
CLP
CNH
CNY
COP
CRC
CUC
CUP
CVE
CZK
DJF
DKK
DOP
DZD
EGP
ERN
ETB
EUR
FJD
FKP
GBP
GEL
GHS
GIP
GMD
GNF
GTQ
GYD
HKD
HNL
HRK
HTG
HUF
IDR
ILS
IMP
INR
ISK
JMD
JOD
JPY
KES
KGS
KHR
KMF
KPW
KRW
KWD
KYD
KZT
LAK
LBP
LKR
LRD
LSL
LYD
MAD
MDL
MGA
MKD
MMK
MNT
MOP
MRU
MUR
MVR
MWK
MXN
MYR
MZN
NAD
NGN
NIO
NOK
NPR
NZD
OMR
PAB
PEN
PGK
PHP
PKR
PLN
PYG
QAR
RON
RSD
RUB
RWF
SAR
SBD
SCR
SDG
SEK
SGD
SHP
SLL
SRD
SSP
STD
STN
SVC
SYP
SZL
THB
TJS
TMT
TND
TOP
TRY
TTD
TWD
TZS
UAH
UGX
UYU
UZS
VES
VND
VUV
WST
ZAR
ZMW
ZWL
A company that is changing the way the world mines bitcoin

WallStreet Forex Robot 3.0
Market Cap
24h Vol
13105
Cryptocurrencies
60.37%
Bitcoin Share
crypto.news 2025-03-13 08:50:37

Trezor Safe devices still vulnerable to physical supply chain attacks, Ledger says

Trezor Safe devices still vulnerable to physical supply chain attacks, Ledger says

Trezor’s latest hardware wallets feature secure elements but are still vulnerable to attacks targeting their microcontrollers, Ledger claims. In the constantly shifting world of crypto security, even the most advanced hardware wallets aren’t immune to emerging threats. Now, cybersecurity experts at Ledger Donjon, the research arm of physical crypto wallet Ledger , are raising concerns about its rival Trezor . Despite its reputation for secure design, Trezor’s Safe models appear vulnerable to physical attacks. While the devices feature dual-chip setups and certified secure elements, researchers at Ledger argue that these models aren’t fully protected against determined hackers. In a March 12 blog post , Ledger notes that the new Trezor Safe devices were designed with better security features, including a two-chip setup with a certified Secure Element (Optiga Trust M) for storing PINs and cryptographic secrets. Yet, Ledger says critical cryptographic operations “are still performed on a microcontroller however,” which makes attacks in more “advanced threat models possible.” “The microcontroller used is labeled TRZ32F429 – this is actually a STM32F429 chip packaged into a BGA with custom markings. In spite of the Trezor-specific package however, it is really electrically the same as a STM32F429, and this chip’s family is known to be vulnerable to voltage glitching, enabling read and write access to its flash contents.” Ledger You might also like: Ledger eliminated exploit, company’s CEO comments on situation While the devices include mechanisms to prevent tampering, Ledger believes these defenses are not foolproof, stating that it is only “a matter of time and engineering effort to pull off the attack in practice.” Most importantly, the researchers argue that the attack can be executed “purely in software,” making it “very hard, if not impossible,” to detect either cryptographically or through visual inspection. Despite these risks, Trezor Safe devices are considered a step forward in crypto hardware security, Ledger admits, though emphasizes that continued vigilance is needed to address potential weaknesses in the supply chain. Following the publication of the research, Trezor’s X account reassured users that their funds “remain safe,” noting that Ledger Donjon had reused a “previously known attack to bypass some of our countermeasures against supply chain attacks in Trezor Safe 3.” Read more: ‘Where there’s money, there will be hackers’: Ledger CEO

Most Read News



Cryptohopper
Market Cap
24h Vol
60.37%
Bitcoin Share
366
Today News
Read the Disclaimer : All content provided herein our website, hyperlinked sites, associated applications, forums, blogs, social media accounts and other platforms (“Site”) is for your general information only, procured from third party sources. We make no warranties of any kind in relation to our content, including but not limited to accuracy and updatedness. No part of the content that we provide constitutes financial advice, legal advice or any other form of advice meant for your specific reliance for any purpose. Any use or reliance on our content is solely at your own risk and discretion. You should conduct your own research, review, analyse and verify our content before relying on them. Trading is a highly risky activity that can lead to major losses, please therefore consult your financial advisor before making any decision. No content on our Site is meant to be a solicitation or offer.