Security researchers at the San Francisco-based cryptocurrency exchange Kraken say they have cracked a popular crypto hardware wallet.
Hardware wallets are physical devices that are used to store cryptocurrency such as Bitcoin, Ethereum, XRP, Litecoin and Bitcoin Cash. Kraken’s team says it took them 15 minutes to crack two Trezor wallets: the Trezor One and Trezor Model T.
Cryptocurrencies are secured through the use of cryptography and encrypted seed phrases. By exploiting a hardware glitch on the device, a bad actor who has direct physical contact with the wallet and enough skill could extract the encrypted seed phrase, leading to a loss of funds.
Kraken suggests two immediate remedies.
- “Do not allow anyone physical access to your Trezor wallet. You could permanently lose your crypto.
- Enable Your BIP39 Passphrase with the Trezor Client. This passphrase is a bit clunky to use in practice but is not stored on the device and therefore is a protection that prevents this attack.”
The research confirms that Trezor’s hardware design is susceptible to voltage glitching. To crack the seed phrase, engineers targeted a specific hardware microchip.
The attack reportedly requires sophisticated knowledge and several hundred dollars’ worth of equipment. An inspired and skilled bad actor, however, could replicate the necessary tools and produce a glitching device for consumers for an estimated $75, reports Kraken.
The security flaw was first discovered in October of 2019. The team at Trezor is reportedly working with Kraken to remedy the security flaw and has responded with instructions on what consumers can do to protect their holdings.
“It’s important to note that this attack is viable only if the Passphrase feature does not protect the device. A strong passphrase fully mitigates the possibilities of a successful attack. If sophisticated physical attacks on your device are in your threat model, we recommend learning how to create and effectively use the passphrase protection to secure your accounts.”
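Why the passphrase recommended by both Kraken and Trezor holds up even after the seed phrase is read off the device, shown as an added example (not code from Kraken or Trezor): BIP39 derives the wallet seed from the recovery words and the passphrase together, so the words alone lead to a different, empty wallet. The mnemonic and the "TREZOR" passphrase are the public BIP39 test vector; the function names are chosen for this illustration.

```python
import hashlib
import unicodedata

# Public BIP39 test-vector mnemonic (constructed sample; never fund it).
MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
            "abandon abandon abandon abandon abandon about")


def derive_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, 64-byte output.

    The PBKDF2 password is the mnemonic; the salt is the literal string
    "mnemonic" followed by the passphrase. Both are NFKD-normalised UTF-8.
    """
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def opens_same_wallet(mnemonic: str, passphrase_a: str, passphrase_b: str) -> bool:
    """True only if both passphrases yield the same seed for this mnemonic."""
    return derive_seed(mnemonic, passphrase_a) == derive_seed(mnemonic, passphrase_b)


if __name__ == "__main__":
    # What the device stores: the recovery words only.
    words_only = derive_seed(MNEMONIC)
    # What the owner's wallet actually uses: words plus a passphrase
    # that exists only in the owner's head, not in flash.
    with_passphrase = derive_seed(MNEMONIC, "TREZOR")

    print("seed without passphrase:", words_only.hex()[:16], "...")
    print("seed with passphrase:   ", with_passphrase.hex()[:16], "...")
    print("same wallet?", opens_same_wallet(MNEMONIC, "", "TREZOR"))
```

With no passphrase set, the salt is just "mnemonic", which is why an unprotected device's recovery words are sufficient on their own.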
You can check out Kraken Security Labs’ full technical breakdown on the critical flaw here.