Unciphered, a company that specializes in recovering lost cryptocurrency, demonstrated how it broke into the Satoshi Labs’ Trezor T hardware wallet using specialized equipment.
In a video posted to Youtube on Wednesday, Unciphered co-founder Eric Michaud dismantles the hardware on the device and connects it to an exploit that was developed in-house. Using specialized software, he claims to have extracted the seed phrase, or private keys, to get into the wallet.
“The exploit for the Trezor T is unfixable with firmware updates,” said Michaud.
“In order to fix this, Satoshi Labs will have to recall all their products, which they’re likely not going to do,” he added.
Some users suggested that the exploit demonstrated in the video was just a showcase of a known vulnerability, but Unciphered claims that the previous attack had already been patched by Trezor years ago.
That old attack was patched and fixed in 2019.
— Unciphered LLC (@uncipheredLLC) May 24, 2023
The Trezor T wallet that appears in the video demonstration was reportedly provided by CoinDesk, after an extensive series of conversations about a supposedly “unpatchable hardware vulnerability” with the wallet’s STM32 chip.
Trezor told CoinDesk that the attack performed by Unciphered resembled an RDP downgrade attack that required physical theft of a device, extreme technical knowledge and advanced equipment to execute.
The hardware wallet manufacturer claims that it has already taken significant steps to resolve the issue by developing the world’s first auditable and transparent secure element through its sister company Tropic Square.
Hardware wallet security has been a trending topic among industry watchers over the last few weeks, most of which has centered around Ledger and its controversial Recover upgrade. The firm announced an upcoming optional feature that shards encrypted seed phrases and stores them with three different parties, giving users the option to recover their crypto in the event of a lost seed phrase.
Following a significant amount of community backlash, Ledger has now delayed the release of the new recovery feature, pledging to make as much of the code open source before the official launch.