Categories: CryptoNewsSecurity

Hardware Wallets Are Not Immune to Attacks

Securely storing digital assets is a major concern for most cryptocurrency users. Wallets can be vulnerable to attack and while there are ways to protect yourself, not all users are as vigilant as others. For this reason, many people — including myself — have suggested using hardware wallets for storage because of their offline nature and robust security features. However, a recent post on Medium suggests that even these devices are not immune to attack. One of the most popular hardware wallets, Trezor, apparently was vulnerable. But how much do Trezor users need to worry?

Worrying, but not Damning

The original post claimed that all Trezor devices were vulnerable to a fairly simple hack that allowed private keys to be stolen from the device. As we all know, private keys control coins, so you need to be in control of your keys if you want to ensure you own coins. If this vulnerability were exploited, then all the coins kept on the Trezor would be stolen from the device’s owner. The largest limitation to this attack is that it requires physical access to the hardware wallet itself. This means that there may have been relatively few potential victims, since many people who have hardware wallets keep them inside a safe or vault.

Trezor’s official blog addressed the issue and described how the attack worked. The seed for the private key is saved in flash memory and is moved to RAM during use. Someone with access to the device and the firmware would have been able to extract the seed from the device’s RAM. Trezor has released a firmware security update (1.5.2) to address these issues and to close all known vulnerabilities. The company has urged all users to update their firmware to protect themselves fully, even though the chance of an attacker gaining physical access to one’s device is pretty low already.

Related Post

A Bit of Controversy

Both Trezor and the author of the original Medium post have accused each other of misrepresenting the situation and spreading misinformation to the public. The original post claimed that all current devices would need to be replaced to fully address the problem and that a firmware update would not sufficiently address the issue. Trezor maintains that this was not true and that its update renders all Trezor devices safe. The original poster has promised to release more information soon, so we will need to wait for their rebuttal to Trezor’s most recent response.

What Does This Mean for Users?

If you are a Trezor user, it means you need to update your firmware as soon as possible. The vulnerability appears to be unique to Trezor devices, so this does not affect you if you have a Ledger or other device. However, it does dispel the myth that hardware wallets are immune to attack. While Trezor responded and fixed the problem quickly, it shows that users of hardware wallets do need to be vigilant and stay up to date on firmware and potential threats. This was not a remotely executed attack as it required the actual device, so things could have been a lot worse.

Remember, you alone are responsible for your private keys and the safety of your cryptocurrency assets. Take the necessary precautions, do your research, and keep yourself safe.

Dariusz

Dariusz has been closely following the world of cryptocurrencies since 2014. He has been somewhat of a crypto-evangelist, trying to educate more people on the exciting realm of cryptocurrency.

Share
Published by
Dariusz

Recent Posts

Ethereum Down While Bitcoin, Solana, and JetBolt Skyrocket In End November 2024

Ethereum stumbles as Bitcoin surges past $97K, Solana eyes new highs, and JetBolt’s presale shakes…

2 hours ago

Top 5 Best Crypto Presales to Grab Now: Don’t Miss These December Week 1 Gems

The crypto market is a buzz with promising presales as 2024 draws the curtains. With…

3 hours ago

Cheems Surge On BSC Network: A Rising Star With Growing Market Value

The Cheems token on the Binance Smart Chain (BSC) is gaining significant momentum, surging by…

11 hours ago

Lester Token Crashes 40% Following Official Announcement

The value of $LESTER plummeted by 40% in the past 24 hours, leaving its market…

11 hours ago

From $30K To Millions: The Wild Journey Of $Quant And Xiaohaige’s Memecoin Stunts

In a bizarre turn of events, a young live-streamer known as Xiaohaige created the memecoin…

11 hours ago

Whale “convexcuck.eth” Makes Bold $CVX Move, Nets Significant Profit Amid Price Surge

The crypto whale known as "convexcuck.eth" has made waves in the DeFi world, spending $2…

11 hours ago