
Ledger discloses 5 vulnerabilities in 2 models of competitor Trezor

source-logo  chepicap.com 11 March 2019 20:26, UTC

According to a blog post by the French hardware wallet manufacturer Ledger, 5 vulnerabilities were found in 2 models of competitor Trezor by its Attack Lab, the company’s department that attempts to hack into both its own and competitors’ devices to improve overall security.

The blog post states that the vulnerabilities were found by Ledger’s security team, Ledger Donjon, which runs an Attack Lab at the company’s Paris headquarters where researchers attempt to hack into Ledger’s own devices, as well as competitors’ devices, to expose security vulnerabilities.

Ledger claims that it always follows the principles of responsible disclosure by informing the affected party of any vulnerability in its products that the Attack Lab has discovered, and giving the party time to develop a fix.

The hardware wallet company states that about four months ago it contacted Trezor to share the 5 vulnerabilities its Attack Lab had uncovered.

'As always, we gave Trezor a responsible disclosure period to work on these vulnerabilities, even granting them two extensions.'

However, now that the responsible disclosure period, including the two extensions, has expired, Ledger has publicly shared the details.


Vulnerability 1

According to the Ledger team, the genuineness of a Trezor device can be faked: a device can be backdoored with malware and then resealed in its box under a counterfeit tamper-evident sticker, since the original sticker can be easily removed.

Vulnerability 2

Ledger hackers guessed the value of the PIN on a Trezor wallet using a side-channel attack and reported it to Trezor in late November 2018.

Trezor already solved the issue in its firmware update 1.8.0.

Vulnerability 3 and 4

Ledger claims that hackers with physical access to Trezor One and Trezor T can extract all confidential data from the flash memory and gain control over the assets stored on the device.

Vulnerability 5

The Trezor One does not contain proper countermeasures against hardware attacks, which could mean that an attacker with physical access to the device can extract the secret key via a side-channel attack.


Trezor wasn't available to comment on Ledger’s findings.

As mentioned previously, @BreakerMag toured our HQ attack lab and explained vulnerabilities that we responsibly disclosed to a competitor.

Here is a detailed overview of these vulnerabilities: https://t.co/sW1rxH3lwP

— Ledger (@Ledger) March 11, 2019