Cryptocurrency wallets Trezor and Ledger are vulnerable to a number of different type attacks, researchers say.
LEIPZIG, GERMANY – Hardware based cryptocurrency wallets may not be as secure as promised. That’s the judgement of Dmitry Nedospasov, Thomas Roth and Josh Datko who together presented their research at a session here at the 35c3 conference called “wallet.fail.”
In the talk the researchers demonstrate firmware, side-channel, microcontroller and supply-chain attacks that impact a range of wallets including Trezor One, Ledger Nano S, and Ledger Blue. Naturally, the manufacturers responded, claiming the research had holes and attacks were impractical and their hardware was safe to use.
“The sad reality is there is just not a lot of security in cryptocurrency [development]. And that is painful to hear,” said Nedospasov, a hardware design and security engineer, during his talk.