• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M

Vulnerabilities in Trezor Safe 3 and Safe 5 Expose Funds to Risk

user avatar

by Giorgi Kostiuk

a year ago

Trezor's latest hardware wallets, Safe 3 and Safe 5, face serious security challenges. Ledger Donjon's research team identified vulnerabilities in the devices' microcontrollers that could enable remote hacker access to user funds.

Cryptographic Security Issues in New Devices

Despite upgrades to EAL6+ level security features, all cryptographic operations are still executed on the microcontroller, susceptible to voltage glitching attacks, allowing attackers to extract secrets and modify firmware.

Trezor's Authentication System Fails to Protect Microcontroller

Ledger's findings reveal that Trezor's cryptographic authentication does not verify microcontroller firmware. The Secure Element is linked with the microcontroller by a pre-shared secret, which is vulnerable to voltage glitching.

Firmware Validation Flaws Leave Users Exposed

Firmware integrity checks can be bypassed if attackers manipulate computation, allowing modified firmware to appear genuine and risking private keys and transaction data security.

Security issues related to the microcontroller pose a serious threat to Trezor Safe 3 and Safe 5 users. Although patches and improvements have been made, exploitation risks remain high until microcontroller protection is enhanced.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

CLARITY Act Moves Closer to Senate Vote

chest

The long-awaited CLARITY Act is nearing its final procedural hurdle in the Senate, with a vote expected in May.

user avatarTomas Novak

Analysts Predict Potential Price Rallies for Dogecoin and Shiba Inu

chest

Crypto analysts predict significant price rallies for Dogecoin and Shiba Inu, with potential bullish breakout for Dogecoin and a 10x rally for Shiba Inu.

user avatarKaterina Papadopoulou

US Admiral Highlights Bitcoin's Importance for National Security

chest

US Admiral Samuel Paparo discusses Bitcoin's strategic relevance for national security during a Senate hearing.

user avatarMaya Lundqvist

Ethereum Surpasses Solana in Fees and Network Activity

chest

Recent data shows Ethereum significantly outperformed Solana in network fees and active addresses, generating approximately $27 million in fees compared to Solana's $70,000, with Ethereum's active addresses nearing 600,000.

user avatarLeo van der Veen

Bitcoin Faces Decline Amidst Rising Oil Prices and Geopolitical Tensions

chest

Bitcoin's value has dropped below $77,000 as crude oil prices surge, influenced by geopolitical instability and failed US-Iran negotiations.

user avatarLi Weicheng

Litecoin Developers Uncover Critical MWEB Validation Flaw

chest

Litecoin developers revealed a significant flaw in the Mimblewimble Extension Block (MWEB) implementation that allowed an attacker to inflate pegout by over 85 LTC.

user avatarAisha Farooq

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.