Kraken research: It only takes 15 minutes to hack a Trezor wallets

Kraken Security Labs has revealed that it only takes 15 minutes to hack Trezor hardware wallets and their derivative tools.

The attack requires physical intervention in the Trezor wallet by extracting its chip and placing it on a special device or welding a few important connectors.

The Trezor chip must then be connected to a malfunctioning device that can send signals at a specific time. These devices break the integrated protective layer that helps prevent the memory of the chip from being read by external devices.

The trick allows an attacker to read important wallet parameters, including private keys.

Although the seed was encrypted using a PIN-generating key, the researchers were able to crack it in just two minutes. The attack takes advantage of vulnerabilities inherent in the microcontroller used in the Trezor wallets. This means that the Trezor team is unlikely to do anything about this vulnerability without redesigning the hardware.

Kraken urges Trezor users not to allow anyone to access the physical wallet.

 

In a coordinated response published by Trezor, the team minimized the impact of the flaw. The company argued that the attack would show visible signs of tampering due to the need to open the device, noting that the attack requires extremely specialized hardware to execute.

The Labs recommends that users enable the wallet password feature to protect against such attacks and note that this is a viable alternative.

Read more:

Follow us on Telegram

Follow us on Twitter

Follow us on Facebook

You might also like

LATEST NEWS

LASTEST NEWS