Hardware wallets manufacturer Ledger reported product vulnerabilities to its main competitor, Trezor. Representatives of the company explained that they consider it their duty to warn users about the dangers of these devices.
“We are constantly trying to hack our own devices to ensure that we maintain the highest standards of security in the face of new threats from increasingly sophisticated intruders. We use the same methods on our competitors' devices, because we have the overall responsibility for ensuring a high level of security for the entire industry, ” Ledger representatives explained.
Experts have found that hackers can hack the device with the help of malware, and then re-pack it in a box. They note that a sticker to protect against unauthorized access can be easily removed with a heated scalpel. In this case, the sticker remains intact and can be returned to its place.
In addition, Ledger managed to pick up the PIN-code to the Trezor wallet using a third-party attack. Experts measured the power consumption of the device at the moment when it compared the PIN code presented to its actual value. This allowed them to access the wallet after 5 attempts.
Previously, the company Ledger has released a new Bluetooth-wallet . The device can store up to one hundred different coins.