Kraken Labs reported a 'Read Protection (RDP) Downgrade' attack affecting both the Trezor One and the Trezor Model T on 30 October 2019. Trezor has responded to the vulnerabilities reported by Kraken Labs.
According to Trezor, "The RDP Downgrade involves the voltage glitching of the STM32 microchip, which allows the attacker with specialized hardware, knowledge, and physical access to bypass the protection put in place by the manufacturer and extract the contents of the microcontroller’s flash memory. This way, the attacker can obtain the encrypted recovery seed from the device."
First, this vulnerability can be exploited only by someone with physical access to the Trezor wallet. Even then, according to Trezor (and as later clarified by Kraken Labs), you can avoid this attack by securing your Trezor wallet with a passphrase.
Trezor said in its response, "It’s important to note that this attack is viable only if the Passphrase feature does not protect the device. A strong passphrase fully mitigates the possibilities of a successful attack."
So remember to enable the Passphrase feature on your Trezor wallets to steer clear of the RDP Downgrade attack.
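Why the passphrase blunts a flash extraction, as an added example (not code from Trezor or Kraken Labs): assuming standard BIP-39/BIP-32 derivation, the passphrase is mixed in when the wallet seed is derived, so the recovery seed alone derives a different wallet. The mnemonic below is the public BIP-39 test vector, used as constructed sample input, and the function names are illustrative.

```python
import hashlib
import hmac
import unicodedata

# Public BIP-39 test-vector mnemonic (constructed sample input, never a real wallet).
MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
            "abandon abandon abandon abandon abandon about")


def _nfkd(text: str) -> bytes:
    """BIP-39 requires NFKD normalisation before UTF-8 encoding."""
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """64-byte wallet seed: PBKDF2-HMAC-SHA512, salt 'mnemonic'+passphrase, 2048 rounds."""
    salt = _nfkd("mnemonic") + _nfkd(passphrase)
    return hashlib.pbkdf2_hmac("sha512", _nfkd(mnemonic), salt, 2048, dklen=64)


def bip32_master(seed: bytes) -> tuple[bytes, bytes]:
    """BIP-32 master private key and chain code derived from the wallet seed."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def opens_same_wallet(mnemonic: str, guess: str, real_passphrase: str) -> bool:
    """True only if the guessed passphrase yields the owner's master key."""
    guessed_key, _ = bip32_master(bip39_seed(mnemonic, guess))
    real_key, _ = bip32_master(bip39_seed(mnemonic, real_passphrase))
    return hmac.compare_digest(guessed_key, real_key)


if __name__ == "__main__":
    # Someone holding only the recovery seed derives the empty-passphrase wallet.
    # The owner's funds sit behind the passphrase-derived master key instead.
    owner_passphrase = "TREZOR"  # constructed value; real ones must be long and unguessable
    print("seed only      :", bip39_seed(MNEMONIC).hex()[:16], "...")
    print("seed+passphrase:", bip39_seed(MNEMONIC, owner_passphrase).hex()[:16], "...")
    print("same wallet?   :", opens_same_wallet(MNEMONIC, "", owner_passphrase))
```

The protection is only as strong as the passphrase: each guess costs one 2048-round PBKDF2 run, which is cheap for short or dictionary passphrases.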