Cybersecurity startup Unciphered posted a video on YouTube demonstrating the successful hacking of the popular Trezor T crypto wallet from Satoshi Labs.
The company’s experts developed an “internal exploit” that allowed them to extract the wallet’s firmware and, using specialized GPUs, cracked the device’s seed phrase.
The company noted that the hardware security mechanisms of the Trezor T model can theoretically be bypassed if a hacker has physical access to the wallet. According to Michaud, in order to fix this exploit in the Trezor T, it will be necessary to recall all released devices.
Previously, Unciphered demonstrated a similar wallet hack made by the Hong Kong company OneKey.
Trezor said that the vulnerability found by experts, obviously, is Read Protection Downgrade (RDP) attack. It allows, by influencing the STM32 chip, to obtain a seed phrase for recovery, and then decrypt its PIN code using the method brute force.
This vulnerability was discovered back in October 2019 by Kraken Security Labs researchers. She affected the Trezor T and Trezor One models.
Trezor CTO Tomas Sushanka noted that such attacks require the physical theft of the device, extremely crude technological knowledge and modern equipment.
To solve this problem, Trezor, together with a subsidiary of Tropic Square, developed secure microchip for hardware wallets. The item is currently being tested.
Source: Cryptocurrency
I am an experienced journalist and writer with a career in the news industry. My focus is on covering Top News stories for World Stock Market, where I provide comprehensive analysis and commentary on markets around the world. I have expertise in writing both long-form articles and shorter pieces that deliver timely, relevant updates to readers.
