Ledger Donjon said they have discovered a Trezor One , Trezor T , Keepkey and all other Trezor clone cryptographic vulnerabilities, which can be used by hackers to hack these devices and gain access to ced-phrases and users' tools.
It is reported that such an attack can take only 3 minutes to prepare and 2 minutes to implement and will require one computer and materials from hackers for $ 100, however it will be 100% likely to be effective in all versions of device firmware.
Ledger Donjon claims to have achieved such a result with 20 cryptographs and reported vulnerabilities to the developers of Trezor at the end of last year, but did not receive rewards for finding errors.
As it is impossible to get rid of the vulnerability, according to Ledger Donjon experts, users were recommended the only effective method of countering attacks: using a passphrase of at least 37 random characters.
Recall that in March of this year, employees of the Attack Lab, part of the French hardware manufacturer Ledger cryptographs, released 5 vulnerabilities in Trezor products. However, the Trezor developers responded that four of them were either fixed or could not be used or require a pin code – and none of them is critical.
Publication date 07/09/2019
Share this material on social networks and leave your opinion in the comments below.
