Leading supplier of hardware wallets, Trezor quickly fixed a security flaw found in its Safe 3 and Safe 5 variants. Ledger Donjon, the research division of rival Ledger, pointed out the problem: some cryptographic operations on Trezor’s microcontrollers might be taken advantage of for sophisticated attacks.
Despite recent security improvements, Trezor’s firmware integrity check revealed a flaw that could potentially allow attackers to bypass this tier of protection. Understanding the dangers, Trezor moved right away to fix the error. Although specifics of the fix have not been revealed, Ledger’s chief technical officer, Charles Guillemet, praised Trezor’s reaction and underlined the need for enhancing security all over the bitcoin field. He underlined how working together creates a safer environment for digital assets, thereby benefiting the whole sector.
Trezor has already included “Secure Elements,” specialized chips meant to protect private user data, inside its devices to improve defense against possible threats. This function lowers the possibility of illegal changes and attacks like voltage glitching. But the microcontroller—a crucial part of Trezor’s two-chip design—was the source of the recently found flaw.
In an X post, Trezor assured consumers that their money remained safe and no immediate action was required. The corporation did admit, though, that a firmware upgrade would not be enough to resolve the problem, therefore underlining the idea that no system is perfectly impervious. To lower the risk of possible supply chain attacks, Trezor advised consumers to only buy devices from authorized sources.
Beyond Trezor, security issues abound since Ledger has also had difficulties. A security incident in December 2023 resulted in the theft of about $484,000 worth of bitcoin from Ledger’s connector library. Furthermore, a 2020 data hack revealed the personal data of almost 270,000 Ledger users, therefore underscoring the ongoing risks faced by hardware wallet companies.
These events highlight the need of constant innovation and alertness in the crypto field as both businesses strive to improve their security protocols. When protecting their digital assets, users are recommended to keep informed, implement best security practices, and depend on reliable sources.
