The hacker claiming to be selling user databases from top hardware wallet manufacturers Ledger, Trezor, and KeepKey appears to actually be peddling bunk, according to SatoshiLabs. On May 24, cybercrime monitoring blog Under the Breach reported that a hacker had begun advertising the customer databases of popular hardware wallet companies for sale. The data purportedly included the full names and physical addresses for over 80,000 user accounts. Under the Breach tweeted screenshots suggesting that the hacker obtained the databases by exploiting a vulnerability of popular e-commerce platform Shopify. “Don’t offer me low dolar, only big money allowed,” the hacker warns …
The hacker that breached the Ethereum.org forum is allegedly selling the databases for the three most-popular crypto hard wallets — Ledger, Trezor, and KeepKey. The three databases contain the name, address, phone number, and email for more than 80,000 users combined, however, they do not contain passwords for the accounts. The hacker has also recently listed the SQL database for online investment platform, BnkToTheFuture. Ledger and Trezor databases reportedly compromised On May 24, cyber crime monitoring website, Under the Breach, spotted the hacker’s new listings for the databases of the top hardware wallet providers. The hacker claims to be in …
A hardware wallet may just be the safest way to store cryptocurrency for average users. Nowadays, many different devices are trying to tackle the challenges of secure crypto asset storage. In this article, Cointelegraph will review some of the most well-known hardware wallets and compare their features. The cryptocurrency wallets that will be covered in this article are Ledger’s Nano X and Nano S, SatoshiLabs’s Trezor One and Trezor Model T, ShapeShift’s KeepKey, and Coinkite’s Coldcard and Opendime. It is also important to point out that all the wallets tested in this article, other than the Ledger Nano S (which …
Cryptocurrency hardware wallet manufacturer Ledger has reignited an old feud with competitor Trezor, in a blog post dated Feb. 13 highlighting the claimed benefits of its internal Secure Element chips. Trezor co-founder and CEO of SatoshiLabs, Marek “Slush” Palatinus, hit straight back, in a tweet accusing the post of being “dishonest” and not telling the “whole story.” The Ledger post compared the three internal chip types common to hardware wallet devices: Microcontroller Units (MCU), Safe Memory chips and its own Secure Elements. It claimed that the MCUs found in Trezor wallets were intended for general devices such as microwaves and …
Kraken Security Labs revealed on Jan 31. that Trezor hardware wallets and their derivatives can be hacked to extract private keys. Though the procedure is quite involved, Kraken claims that it “requires just 15 minutes of physical access to the device.” The attack requires a physical intervention on the Trezor wallet by either extracting its chip and placing it on a special device or soldering a couple of critical connectors. The Trezor chip must then be connected to a “glitcher device” that would send it signals at specific moments. These break the built-in protection that prevents the chip’s memory from …
On Nov. 6, President of Venezuela, Nicolas Maduro appeared on state-run television station Venezuelan Television Corporation (VTV), holding a crypto hardware storage device allegedly developed by major wallet supplier Trezor. The video is posted on the official Facebook page of President Maduro. Trezor says it is unaware of the alleged Trezor representatives who appeared on the Venezuelan national TV alongside Maduro. Trezor says it is investigating In a news segment titled "Private companies of cryptocurrency are operative in Venezuela," Maduro was meeting a company that introduced themselves as alleged representatives of Trezor in Venezuela, Trezorvenezuela. The alleged representing firm has …
A Redditor has apparently spotted an imposter website for Bitcoin (BTC) hardware wallet Trezor. “Imposter site trying to steal your Bitcoin” On Oct. 4, Reddit user castorfromtheva posted about the website, stating that they conducted a test to confirm that it was not genuine. They said: “I just made a little 'typo' test and entered 'tezor[dot]io' where I obviously left out the 'r'. I was instantly redirected to a site called https://trezor[dot]run/start/ which is not the original trezor site (the correct size is http://trezor.io respectively https://trezor.io/start/).” The Reddit user said that a URL typo would indeed redirect the user to …
SatoshiLabs, the Prague-based manufacturer of hardware cryptocurrency wallets Trezor, released a beta version of its new firmware that supports Bitcoin (BTC) exclusively. “Orange coin good!” According to the blog post published on Sept. 9, SatoshiLabs’ new BTC firmware is now available to download for both Trezor One and Trezor Model T. The company also noted that it aims to introduce a “stable version” of Bitcoin-only firmware in the next month’s release, adding: “From now on, we will be producing four different versions of firmware — regular (full altcoin support + U2F/WebAuthn) and Bitcoin-only, for both Trezor One and Model T. …
Fraudsters have been adding fake cryptocurrency wallets to the Google Play store in an attempt to cash in on rising bitcoin (BTC) prices, ESET antivirus researchers claimed on May 23. One malicious app imitated the hardware wallet Trezor — and the investigation found that the software had ties to another fake app that has the potential to scam unsuspecting users out of money. While the app’s page on Google Play looked legitimate, the researchers said the software itself contains no Trezor branding at all, with a generic login screen phishing for credentials. According to ESET, more than 1,000 users had …
Prague-based crypto wallet manufacturer Trezor has responded to а report about hardware vulnerabilities from its competitor Ledger on Tuesday, March 12. Trezor claims that none of the weaknesses revealed by Ledger in a detailed report on March 10, are critical for hardware wallets. As per Trezor, none of them can be exploited remotely, as the attacks described require “physical access to the device, specialized equipment, time, and technical expertise.” Trezor further cites the results of a recent security survey performed in partnership with major cryptocurrency exchange Binance. According to the survey, only around 6 percent of respondents believe that physical …
Major hardware wallets manufacturer Ledger has unveiled vulnerabilities in its direct competitor Trezor’s devices, according to a report published on Monday, March. 11. As of press time, Trezor was not immediately available to comment on Ledger’s findings. The study states that the vulnerabilities were found by Attack Lab, the company’s department that hacks into both its own and competitors’ devices to improve security. Ledger claims that it has repeatedly addressed Trezor about weaknesses in their Trezor One and Trezor T wallets, and has decided to make them public after the responsible disclosure period ended. The first issue is related to …
Researchers have reportedly shown how they were able to hack the Trezor One, Ledger Nano S and Ledger Blue at the 35C3 Refreshing Memories conference. The demonstration of the hacks was published in a video on Dec. 27. The research team behind the dubbed “Wallet.fail” hacking project is made up of hardware designer and security researcher Dmitry Nedospasov, software developer Thomas Roth and security researcher and former submarine officer Josh Datko. During the conference, the researchers announced that they have been able to extract the private key out of a Trezor One hardware wallet after flashing — overwriting existing data …