Following the Ledger incident, Trezor, a competitor in the crypto security industry, has been experiencing a surge in popularity. However, a recently discovered vulnerability in their hardware wallet raises concerns.
Unciphered, a prominent security company, has successfully hacked the Trezor T hardware wallet and demonstrated the process in their laboratory. They attribute the exploit to an "unpatchable hardware vulnerability in the STM32 chip," which compromises the security of the embedded flash and one-time programmable data.
Once the hack is executed, the attacker gains access to the wallet's seed phrase, enabling them to pilfer the funds stored within. The security firm claims that Trezor is aware of this vulnerability in their device but has not taken any measures to address this potential attack vector.
It's important to note that physical access to the wallet is required for this hack to be possible. Consequently, assets belonging to Trezor customers remain secure offline.
before you invest in crypto – invest in yourself