Cybersecurity firm Unciphered claims to have successfully hacked into the hardware wallet Trezor T model. The company showcased the extraction of the wallet’s seed phrase, exploiting a hardware vulnerability that requires physical access to the device.
Unciphered explains that the hardware security mechanisms of the Trezor T could theoretically be bypassed by hackers who possess the wallet.
Such exploits depicted by Unciphered are feasible only if the attackers have physical access to the hardware wallet. Eric Michaud, co-founder of Unciphered said the exploit used specialized GPU chips that enabled his team to crack the device’s pin seed phrase after uploading the extracted firmware onto high-performance computing cracking clusters.
Trezor acknowledged that Unciphered’s demonstration had similarities with the Read Protection Downgrade (RDP) vulnerability discovered by Kraken Security Labs researchers that affected both the Trezor One and Trezor Model T.
RDP downgrade attacks require physical theft of a device and extremely sophisticated technological knowledge and advanced equipment," Trezor's chief technology officer Tomáš Sušánka said. "Even with the above, Trezors can be protected by a strong passphrase, which adds another layer of security that renders a RDP downgrade useless.”
TokenInsight is dedicated to covering the most important and cutting-edge trends in the world of crypto. If you have information to share with us, please feel free to contact our email firstname.lastname@example.org. Your trust will be well respected.