According to Kraken, it is possible to recover the seed hardware portfolios Trezor One and Model T in less than 15 minutes. Theattack however requires physical intervention.
On his website, Kraken Security Labs said they discovered a critical flaw on branded hardware portfolios Trezor.
According to the American cryptocurrency exchange, the attack is based on voltage glitching and allows to extract the seed, or backup phrase, encrypted from the wallet.
This initial research required some skill and several hundred dollars in equipment, but we estimate that we (or the criminals) could mass produce a user-friendly glitching device that could be sold for around $ 75. We are hacking the encrypted seed, which is protected by a 1- to 9-digit PIN, but which is breakable by brute force, ”says Kraken.
In addition, the fault being directly linked to the microcontroller present in the wallet, Trezor would not be able to fix the problem without having to completely rethink its equipment.
Kraken thus advises users of Trezor One and T never allow anyone to physically access the device and activate the BIP39 passphrase via the Trezor client.
In response, the manufacturer of the Trezor wallets, Satoshi Labs, did not deny the flaw but minimized the risks of piracy.
It is important to note that this attack is only viable if the Passphrase function does not protect the device. To carry out the attack, the perpetrator must physically open the case, "the Czech company wrote on its blog.
Other teams of cybersecurity specialists, such as Ledger Dungeon, have also reportedly carried out variants of the attack, but have not released details publicly.
Related posts:
Why do cryptocurrency Exist – Institutions 
Bitcoin and independent property rights 
NASDAQ on market manipulation: Everyone is now talking about regulating bitcoin and cryptocurrency 
Pilot Porsche on Ethereum blockchain to trace provenance materials 
Xfers from Singapore is going to use blockchain Zilliqa 
Make your own tokens with the Guarda wallet
