Coinods Security Labs said they found a critical vulnerability in Trezor hardware wallets, which opens the possibility of retrieving the seed phrase within 15 minutes.
In order to carry out an attack, an attacker needs physical access to a Trezor One or Trezor Model T device and an inexpensive device capable of causing the microcontroller to malfunction due to voltage surges, Coinods.com said. The cost of such a device is about $ 75, experts say.
Coinods.com security director Dick Serloco stressed that Trezor is aware of this vulnerability.
We will remind, earlier Coinods.com experts talked about a similar vulnerability in KeepKey hardware wallets. These devices use the same chip family as the Trezor, experts say.
Coinods.com is confident that the chips used in these wallets were not originally intended to store sensitive information and, therefore, should not be the only means of protecting crypto assets. Experts advised users to set passphrases in order to maximally protect themselves from unauthorized access.