Three researchers and engineers have published a presentation from the 35th Chaos Communication Congress revealing claimed vulnerabilities in cryptocurrency hardware wallets. Trezor and Ledger have responded saying in short, their user’s cryptocurrency balances are safe.
Dmitry Nedospasov, Thomas Roth, and Josh Datko, created the website wallet.fail and promised to publish their presentation to the Chaos Communication Congress online after the event. Within 24 hours the researcher’s claims have been published and two leading hardware wallet makers have responded.
Firstly, the researchers performed an attack that modified the physical wallet and used malware on the cryptocurrency owner’s PC in combination with a potential attacker in a nearby room needing to remotely enter the hacked PIN and launch the cryptocurrency application. Ledger says of this type of attack.