A research team claims they were able to successfully hack the Trezor One, Ledger Nano S and Ledger Blue wallets, posting a video showing their process.
The “Wallet.fail” hack demonstration took place at the 35C3 Refreshing Memories conference, led by hardware designer and security researcher Dmitry Nedospasov, software developer Thomas Roth and security researcher Josh Datko.
The team was able to exploit a weakness in Trezor One hardware wallets which didn’t have a set passphrase by the owner, extracting the private key by overwriting data using a custom firmware. The chief technology officer (CTO) of Trezor’s parent company SatoshiLabs Pavol Rusnak responded on Twitter, saying a firmware update will be established at the end of next month to address this vulnerability.
The Ledger Nano S was found to allow the installation of any firmware, which the research team exploited to play Snake on the device. Ledger Blue also showed weaknesses, leaking signals as radio waves when operating which, according to the researchers, were strong enough to be detected from several meters away when a USB cable was attached.
These vulnerabilities follow reports in August that a teenager was able to hack a BitFi device, something denied by producers as no coins were actually extracted.
Follow BitcoinNews.com on Twitter: @BitcoinNewsCom
Telegram Alerts from BitcoinNews.com: https://t.me/bconews
Want to advertise or get published on BitcoinNews.com? – View our Media Kit PDF here.
Image Courtesy: Pixabay