Última hora
TRKKTC Vatandaşı Aya Napa'da Saldırıya UğradıKR울주군, '한 달 살기' 체류형 관광 프로그램 참가자 모집KR정유 4사, 유가 담합 혐의로 재판 넘겨져…26조원대 경쟁 제한 효과RUЕвропейцы теряют интерес к росту военных расходов НАТО на фоне экономических проблемTRİran Liderinin Cenaze Töreni Yeni Jeopolitik Dengeleri ve Diplomatik Mesajları Ortaya KoyduTRİran'da Eski Dini Lider Hamaney İçin Cenaze Törenleri Devam EdiyorTRAnkara NATO Zirvesi ve Tarihsel Bir Bakış: Emperyalizm EleştirisiTRAvrupa Birliği'nden Türkiye'ye Gümrük Birliği Güncellemesi: "Hazır Değiliz"TRÜniversite Hayali Gerçekleşiyor Ama Masraflar Kaygı VeriyorKR가천대 길병원, AI 활용 EMR 자동 작성 솔루션 '닥터펜슬' 도입TRKKTC Vatandaşı Aya Napa'da Saldırıya UğradıKR울주군, '한 달 살기' 체류형 관광 프로그램 참가자 모집KR정유 4사, 유가 담합 혐의로 재판 넘겨져…26조원대 경쟁 제한 효과RUЕвропейцы теряют интерес к росту военных расходов НАТО на фоне экономических проблемTRİran Liderinin Cenaze Töreni Yeni Jeopolitik Dengeleri ve Diplomatik Mesajları Ortaya KoyduTRİran'da Eski Dini Lider Hamaney İçin Cenaze Törenleri Devam EdiyorTRAnkara NATO Zirvesi ve Tarihsel Bir Bakış: Emperyalizm EleştirisiTRAvrupa Birliği'nden Türkiye'ye Gümrük Birliği Güncellemesi: "Hazır Değiliz"TRÜniversite Hayali Gerçekleşiyor Ama Masraflar Kaygı VeriyorKR가천대 길병원, AI 활용 EMR 자동 작성 솔루션 '닥터펜슬' 도입
Newsgather
BackTrezor Safe 7 Hardware Wallet Vulnerability Disclosed
Trezor Safe 7 Hardware Wallet Vulnerability Disclosed
En desarrollo
Decrypt03.06.2026Tecnología2 dk okuma

Trezor Safe 7 Hardware Wallet Vulnerability Disclosed

En resumen

  • Trezor has revealed a vulnerability in its Safe 7 hardware wallet, discovered by Ledger Donjon.
  • The exploit, a laser fault injection attack on the TROPIC01 chip, reduces PIN protection layers but requires physical access and specialized equipment, leaving user funds protected.

Resumen generado por IA

Por qué importa

Trezor has disclosed a security vulnerability in its Safe 7 hardware wallet, identified during an independent audit by Ledger Donjon. The exploit targets the TROPIC01 Secure Element chip, one of three security layers protecting user PINs.

Tamaño de fuente

Trezor has revealed a vulnerability in its flagship Safe 7 hardware wallet, but affirms that user funds "remain protected" due to the nature of the exploit.

The vulnerability was uncovered during an independent security audit by the Ledger Donjon team, which reported a successful "laser fault injection attack" against the TROPIC01 Secure Element chip. It enables an attacker to extract one of three "secrets" that protect a user's PIN, effectively reducing three layers of protection to two.

"The vulnerability concerns only the TROPIC01 Secure Element chip, one of three physical, independent security layers. Compromising TROPIC01 alone is not enough to give access to the PIN, which is the final layer of protection for your funds," the Trezor blog states. "It also cannot result in tampered Trezor Safe 7 devices with persistent malicious firmware."

It's worth noting that Trezor says that such an attack requires physical possession of the hardware wallet, for the attacker to disassemble it, and for specialized lab equipment to be used. As such, Trezor still calls the TROPIC01 chip an "effective barrier" of protection which "requires significant time and effort to exploit," adding that "users’ funds remain safe."

Blockchain security firm Cyvers echoed Trezor’s assessment that user funds are "safe," telling Decrypt that the attack appears "highly impractical."

Hardware wallets, otherwise known as "cold" wallets, store private keys offline on a physical device. This is in contrast to hot wallets, like MetaMask, which store the user's keys on locally installed software or on cloud-based servers. In the case of the Trezor Safe 7 wallet, the blog post says that the user's keys are fortunately not stored in the TROPIC01 chip.

Unfortunately, due to the vulnerability being hardware-based, the exploit cannot be patched with a firmware update. Trezor did not immediately respond to Decrypt's request for comment on whether it will accept refund requests from customers.

Preguntas abiertas

  • Will Trezor offer refunds to affected customers?
  • What specific model of the TROPIC01 chip is affected?
  • Are there any plans for a hardware revision or alternative chip?

Temas relacionados

This article was originally published by Decrypt.

Noticias relacionadas

Más sobre este tematrezor