Successful laboratory test

Kraken Labs has managed to hack two hardware wallets from Trezor. To get access to the seed, physical access is necessary. Additionally, equipment was needed to disassemble the hardware and access it.

But once you have invested in the necessary materials, theoretically every further hack is no longer costly. All that is needed is a Trezor Wallet Model T or the Trezor One and some time.

In a model experiment presented in a video, the seed can be extracted from the hardware in only 15 minutes.

A glitch makes it possible

A glitch in the power supply of an affected chip can be used to obtain the encrypted seed as a data record. It takes only a very short time, to break the encryption.

A simple „Brute Force“ attack is sufficient to get the seed in plain text. With the described method, the computer calculates all possible password combinations and simply tries them out until the right combination is found.

This allows the devices to be attacked not only quickly, but also with very simple means.

The gap described by Kraken has probably been known for a long time, but the vulnerability has not been so drastically demonstrated. Basically there is no way to fix the bug by a patch.

The problem exists on the hardware side, so Trezor would have to ship redesigned devices to finally fix the problem. However, users of the mentioned Trezor models are not completely stuck.

If they protect their wallet with a strong password (passphrase), the problem does not exist, according to Trezor. However, this is optional and therefore it can be assumed that not all users have actively taken care of it.


Picture License