Recently, Charles Guillemet of CTO DE LEDGER revealed that his research team discovered a vulnerability in Trezor’s Wallet Safe 3, manufactured by Satoshi Labs.
According to the information, changes to Trezor Safe 3 that were stolen during the supply chain or modified Trezor Safe 3 incorporates a Safe Element chip, but allows you to see certain changes to software that are not permitted to access private digital assets. In the security report, Trezor thanked Ledger for his work, stressing that “clients’ funds are safe and there’s no need to carry out any action.”
Companies affected by wallet hardware are guaranteed to have the latest models. Trezor Safe 5you will not suffer from the same vulnerabilities as your previous model. This is because we use a more resistant microcontroller Voltage glitchtypes of attacks successfully used during technical testing of ledgers using SAFE 3 models.
Trezor highlights that, like funds, wallets and pins are safe and that Ledger Donjon, a research team that spreads vulnerability, shared its findings through a responsible outreach program.
The program believes that vulnerability researchers must act in good faith, avoid filtration of sensitive security information, and communicate directly with Trezor before spreading vulnerability data to the public.
Finally, Trezor double-checks the user by saying:
Should I worry about Trezor Safe 3? no. If you purchased an official source device, it is very unlikely that there is a problem with the device. If you have any indication of operation when your order arrives, or if you purchased from an unauthorized profiter, we’ll show you how to simply communicate with Trezor support or start a discussion on the Trezor forum to see if you have a commitment.
Trezor, creator of Cryptocurrency Wallets.
How did the secure 3 ledger test work?
According to Trezor, researchers at Ledger Donjon were unable to extract private keys or wallet pins exposed to security testing. Nevertheless, Yes, they showed how to avoid verification of reliability and firmware hash verification in Trezor Safe 3. Thanks to the use of advanced tools and the “high-level hardware experience.”
Vulnerabilities discovered by Ledgers reported by Cryptootics are exploited only by attacks on the supply chain. This is a vulnerability that takes advantage of a device when you are in the process of reaching your final customer.
According to the Trezor head, an attack requires full physical access to the device. It also runs the device housing and microchip. Then, modify data or extract using special tools. Finally, repeat with the device assembly without leaving any visible signs of operation.
Under optimal conditions, it functions separately from the safe element, and the violated device microcontroller identifies abnormal fluctuations in the supply voltage.Glitch attack». These attacks It manipulates the voltage to change the normal flow of processor execution.
However, the microcontroller used in the Trezor Safe 3 is called the TRZ32F429. According to Ledger, this is the STM32F429 chip, the STM32F429 chip developed by STMicroelectronics. Although they were popular due to their performance and low energy consumption, this chip family It can be demonstrated against attacks caused by voltage fluctuationsto allow access to that content to be read and written. flash”.
To model the attack, the only ledger we ran the tests was “designing a small adapter plaque and allowing us to separate pads on the standard connector TRZ32F429 to be mounted on the main attack plate.” This is possible because it is possible with Trezor Suite, the native software for the company’s wallet. It’s just a safe element of SAFE3, known as Optiga TrustM, but it’s not a microcontroller. Deploying or modifying the software does not prove that this may have been compromised.
This provides a link between Optiga and Microcontroller, but is somewhat weak. Software running on the microcontroller is not authenticated, but only access to biased secrets. The latter is stored in the TRZ32F429’s flash memory, so it can be read using a voltage fault before reprogramming the chip. This will maintain a full impression of the real device and allow for the implementation of attacks that can lead to a remote recovery of funds for all users (e.g., distort seed generation and manipulate ECDSA companies’ nonces).
Trezor, creator of Cryptocurrency Wallets.
To avoid these microcontroller operations, Trezor has implemented a firmware verification mechanism to detect the use of non-Et software. However, ledgers managed to overcome this. This mechanism is not so robust because it “frustrates the determined attacker.”
Like Trezor, Ledger confirmed that the wallet Trezor Safe 5 uses a more recent microcontroller from the STM32 line (STM32U5). With this chip, similar attacks have not been made public so far, as its design explicitly considers voltage failure attacks.
(tagstotranslate)ciberataque
