Monero’s ex-lead maintainer asserts Trezor prone to ‘glitching attacks’
Over the years, breaching attacks in the cryptocurrency industry has made headlines. Even established platforms had their security compromised at the hands of malicious attackers. But with the rising trend of hacks and compromises, there has been substantial development towards curbing these activities too.
Kraken’s recent revelation of a vulnerability in Trezor hardware wallets posed some serious questions. Long story short, the Kraken Security Labs found that both Trezor One and Tezor Model T hardware wallets can be easily breached. This attack relied on “voltage glitching to extract an encrypted seed”.
Riccardo Spagni, former lead maintainer at Monero said that ‘passphrase’ is the answer. In the latest live stream of Magical Crypto Friends, Spagni stated,
“Trezor, in particular, in its current form, is very prone to glitching attacks and so use a passphrase. It does make it more cumbersome, but at least the passphrase is not stored on the device, so it is almost like a second factor of authentication.”
Another point was made by Charlie Lee, the Managing Director of Litecoin Foundation in the same episode. He emphasized on the implications of using ‘giveaway wallets’ and said,
“I have seen a lot of people giving away sealed Ledger. I think that is kind of a bad idea. Because you, kind of, want to make sure to buy your Ledgers and Trezors directly from the manufacturer. You never know if it is been tampered with and you do not want to take the risks.”