See More

Cybersecurity Firm Hacks Trezor Hardware Wallet Using Three-Year-Old Exploit

2 mins
Updated by Kyle Baird
Join our Trading Community on Telegram

In Brief

  • Unciphered posted a video of the Trezor hack.
  • An in-house exploit was created to extract the seed phrase.
  • Trezor knew about the vulnerability three years ago.
  • promo

Cybersecurity firm Unciphered has posted a video in which it claims to have hacked a Trezor hardware wallet.

Cybersecurity startup Unciphered claims to have infiltrated the security of the popular Trezor T model hardware crypto wallet.

On May 24, the team posted a video of them extracting the wallet’s mnemonic seed phrase or private key.

The cryptocurrency recovery firm took the Trezor apart to remove the internal circuit board. It was connected to its lab equipment which enabled the extraction of the device’s firmware.

Trezor Vulnerability Revealed

It then used powerful GPUs (graphics processing units) to work on the extraction.

Unciphered co-founder Eric Michaud said:

“We uploaded the firmware we extracted onto our high-performance computing cracking clusters. We have about 10 GPUs … and it took a little while but we extracted the PIN.”

He also stated that the retrieval was made possible by an “exploit that we developed in-house.” The team also had to write custom code to achieve the hack, which he explained was “extremely hard.”

Screenshot from Unciphered Trezor hack video - YouTube
Screenshot from Unciphered Trezor hack video – YouTube

Michaud stated that the exploit was not fixable with firmware updates. “In order to fix this, Satoshi Labs would have to recall all of their products,” he said before adding, “which they’re likely not going to do.”

Trezor responded to the experiment by stating that its team didn’t have enough details about this specific hack. It added that it appeared to be an “RDP [Read Protection] downgrade attack,” which was publicly flagged as a risk in early 2020.

“The RDP Downgrade attack is a precise attack that targets the hardware vulnerability of STM32 microchips used in the Trezor One and Trezor Model T hardware wallets,” it stated at the time.

Furthermore, the attack requires physical theft of the device, “extremely sophisticated technological knowledge and advanced equipment.”

Hardware Wallet Security Scrutinized

The revelation comes just a week after rival firm Ledger was involved in another PR imbroglio. Crypto Twitter was awash with comments calling for the dumping of Ledger in favor of Trezor, but that trend has now been quashed.

Ledger was lambasted last week for launching a recovery service that gave it control over the storage of seed phrases. The former CEO admitted the device was not trustless, and the current CEO, Pascal Gauthier, apologized for the firm’s latest foul-up.

It appears that no hardware wallet is 100% safe, despite what the manufacturers’ marketing departments claim.

Top crypto projects in the US | June 2024



In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Martin Young
Martin Young is a seasoned cryptocurrency journalist and editor with over 7 years of experience covering the latest news and trends in the digital asset space. He is passionate about making complex blockchain, fintech, and macroeconomics concepts understandable for mainstream audiences.   Martin has been featured in top finance, technology, and crypto publications including BeInCrypto, CoinTelegraph, NewsBTC, FX Empire, and Asia Times. His articles provide an in-depth analysis of...