11-22-2024
BSV
$68.43
Vol 216.23m
-4.56%
BTC
$98781
Vol 116461.56m
2.11%
BCH
$491.75
Vol 2285.61m
5.79%
LTC
$90.03
Vol 1467.9m
6%
DOGE
$0.39
Vol 10329.74m
3.85%
Getting your Trinity Audio player ready...

A group of security specialists have discovered that several popular cryptocurrency hardware wallets are vulnerable to compromise. The wallets have inherent weaknesses that could allow them to be attacked. The specialists have published their findings, but the manufacturers insist that there are no issues with the wallets.

The vulnerabilities, which could allow side-channel, supply-chain, microcontroller or firmware attacks, were identified by three researchers— Thomas Roth, Josh Datko and Dmitry Nedospasov. The researchers have designated the weaknesses as “wallet.fail” and assert that they are found in a number of hardware wallets, including the Trezor One, the Ledger Blue and the Ledger Nano S.

The trio demonstrated a proof of concept attack at the 35c3 conference held last month in Leipzig, Germany. They showed that the attacks can target firmware, software or hardware, as well as physical and architectural design flaws. According to the researchers, some vulnerabilities can only be countered by changing hardware or microcontrollers.

By installing a hardware implant that was combined with spyware into a device, the researchers will able to steal the PIN of the wallets. They were also able to load custom firmware, allowing them to create malicious transactions to send digital assets and to display fake transactions. Additionally, the researchers were able to steal PINs by intercepting radio signals and then flashing a separate device with special firmware that allowed them to gain access to the wallet’s private keys.

As is to be expected, the manufacturers have scoffed at the testing procedures used by the researchers, asserting that they weren’t very scientific. For its part, Ledger stated, “They did not succeed to extract any seed nor PIN on a stolen device. Every sensitive assets stored on the Secure Element remain secure. Don’t worry, your crypto assets are still secure on your Ledger device.”

Whether or not the testing was scientific, any possibility of a wallet being compromised should be seen as a threat and needs to be addressed appropriately. As with any device used to protect financial resources, hardware and software crypto wallets need to be tightly secured and users must ensure that they take all possible precautions to ensure that the wallets cannot fall into the wrong hands.

Recommended for you

David Case gets technical with Bitcoin masterclass coding sessions
Whether you're a coding pro or a novice, David Case's livestream sessions on the X platform are not to be...
November 21, 2024
NY Supreme Court’s ruling saves BTC miner Greenidge from closing
However, the judge also ruled that Greenidge must reapply for the permit and that the Department of Environmental Conservation has...
November 20, 2024
Advertisement
Advertisement
Advertisement