Kraken Security Labs has revealed that criminals can hack Trezor hardware wallets in just 15 minutes of physical access to the wallet.
Kraken Security Labs disclosed the vulnerability in a blog post on Friday, January 31. According to the blog post, hackers can extract the encrypted seeds from both cryptocurrency hardware wallets offered from industry leader Trezor, the Trezor One and Trezor Model T.
The team from Kraken Security labs performed the attack on Trezor hardware wallets and their finding revealed that an attack requires just 15 minutes of physical access to the device. Kraken claimed that hackers can possibly exploit voltage glitching and extract encrypted seeds from the both the wallets.
The Kraken’s blog post reads:
“This attack relies on voltage glitching to extract an encrypted seed. This initial research required some know-how and several hundred dollars of equipment, but we estimate that we (or criminals) could mass produce a consumer-friendly glitching device that could be sold for about $75.”
After extracting the encrypted seed, which was protected by a 1-9 digit PIN, the team was able to crack the required information by brute forcing the combination in just two minutes.
According to the findings, this vulnerability is due to inherent flaws in STM32F205 and STM32F427 are flash-based microcontroller chips used in the Trezor wallets that are not designed to store secret information. Trezor has been aware of this vulnerability since designing the products.
Kraken team further noted that they responsibly disclosed the full details of this attack to the Trezor team on October 30, 2019, but they were going to public this information “so that crypto community can protect themselves before a fix is released by the Trezor team.”
To fix the vulnerability, the Kraken team has urged Trezor to completely redesign its hardware. The team has also suggested users to activate the BIP39 passphrase feature of Trezor client to prevent these kinds of attacks.
The team said that passphrase is a bit clunky, but a viable protection because the password is never stored on the device as it is added to the seed to generate the private key on the fly.
SatoshiLabs’ Trezor hardware wallet is among big names in crypto wallet industry. As Crypto Economy reported, Jack Dorsey, CEO of social media giant Twitter and payments service Square, has also purchased Trezor Model T wallet to store his amounting stock of Bitcoin.
Pavol Rusnak, CTO of SatoshiLabs, praising Kraken Security Labs, said:
“We are happy that Kraken Security Labs are investing their resources in improving the security of the whole Bitcoin ecosystem. We cherish this kind of responsible disclosure and cooperation.”