Close Menu
    Facebook X (Twitter) Instagram
    ESP Blockchain Journal
    • Noticias
      • Noticias Blockchain
      • Noticias Bitcoin
      • Noticias Ethereum
      • Noticias Ripple
      • NFT
      • Metaverso
      • DeFi
      • Noticias Tron
      • Noticias Litecoin
      • Noticias Monero
      • Noticias Cardano
      • Noticias Stellar
      • Noticias Algorand
      • Noticias Dogecoin
      • Noticias Polkadot
      • Noticias Kusama
      • Noticias Solana
      • Opinión
    • Análisis de Precios
    • Academia Cripto
    • Contacto
    • bandera
    ESP Blockchain Journal
    Home»Noticias»The company Ledger announced a number of vulnerabilities in hardware wallets Trezor

    The company Ledger announced a number of vulnerabilities in hardware wallets Trezor

    0
    By BlockchainJournal on marzo 11, 2019 Noticias
    Share
    Facebook Twitter LinkedIn Pinterest Email

    The leading manufacturer of cryptocurrency hardware wallets Ledger spoke about the vulnerabilities revealed in the devices of his direct competitor Trezor. This is stated in a message distributed by the French company on Monday, March 11.

    As previously mentioned, @BreakerMag has toured our competitors.

    Here is a detailed overview of these vulnerabilities: https://t.co/sW1rxH3lwP

    – Ledger (@Ledger) March 11, 2019

    The Ledger study states that the vulnerabilities were discovered by employees of Attack Lab, a division of the company that, in order to increase security, hacks both its own wallets and competitors' devices. Representatives of Ledger claim that they have repeatedly contacted Trezor regarding the weak points in their Trezor One and Trezor T wallets, and after the disclosure period ended, they decided to make them public.

    The first problem is related to authenticity of devices. As Ledger claims, the Trezor device can be simulated by hacking it with malware, and then resealing it in a box, forging a sticker designed to protect against unauthorized access. The latter, said the French company, is easy to remove. It is also claimed that this vulnerability can be eliminated only by reformatting the entire design of Trezor wallets, in particular, by replacing one of the main components with the Secure Secure chip.

    Secondly, Ledger hackers were able to pick up a PIN on a Trezor wallet using an attack on a third-party channel, as reported by Trezor in late November 2018. Later, the company solved this problem in its firmware update 1.8.0.

    The third and fourth vulnerabilities, which Ledger also proposes to eliminate, replacing the main component with the Secure Element chip, are the possibility of stealing confidential data from the device. Ledger claims that an attacker with physical access to Trezor One and Trezor T can extract all data from flash memory and gain control over the assets stored on devices.

    The last discovered weakness is also related to the Trezor security model: as stated by Ledger, the Trezor One cryptographic library does not contain adequate countermeasures against hardware attacks. It is alleged that a hacker with physical access to the device can extract the secret key through an attack on a third-party channel, although Trezor claimed that his wallets are resistant to such an attack.

    It is noteworthy that in November 2018 Trezor representatives themselves warned that an unknown third party was distributing individual copies of their flagship device, Trezor One, urging users to buy wallets only through their official website.

    However, in its report, Ledger claims that users cannot be sure, even if they buy equipment on the Trezor website. An attacker can buy multiple devices, hack them, and then send them back to the manufacturer for compensation. Ledger researchers conclude that if a compromised device is resold, user cryptocurrencies may be stolen.

    Recall that in December cyber specialists from Wallet.fail discovered a number of vulnerabilities in both Trezor and Ledger devices, managing to launch a series of successful attacks. In response, representatives of Ledger said that the findings of the researchers do not correspond to reality . In turn, Trezor said that he acknowledged the existence of a vulnerability, but stressed that in order to use it, the attacker must have physical access to the victim's device.

    Representatives of Trezor have not yet commented on the latest conclusions of Ledger.

    << aside id = "unisender_subscribe_form-10" class = "widget unisender_form">

    BlockchainJournal.news

    BlockchainJournal.news

    Featured Ledger Trezor
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    BlockchainJournal

    Related Posts

    Empresas que se dedican a la minería emiten miles de millones en deuda para invertir en IA

    octubre 17, 2025

    Ripple planea recaudar USD 1.000 millones para recomprar XRP y fortalecer su tesorería digital

    octubre 17, 2025

    Li Lin lanzará el fideicomiso Ether Accumulator de mil millones de dólares

    octubre 17, 2025

    Tether impulsa una wallet de código abierto para facilitar la interoperabilidad entre cadenas

    octubre 17, 2025

    Maelstrom busca un fondo de 250 millones para adquirir empresas cripto

    octubre 17, 2025

    La SEC se ve desbordada por nuevas presentaciones de ETF cripto en medio del bloqueo gubernamental

    octubre 17, 2025
    Buscar
    Facebook X (Twitter) Instagram Pinterest
    © 2025 Blockchainjournal

    Type above and press Enter to search. Press Esc to cancel.

    Utilizamos cookies para asegurar que damos la mejor experiencia al usuario en nuestra web. Si sigues utilizando este sitio asumiremos que estás de acuerdo.