In the rapidly evolving landscape of crypto security, leading hardware wallets are not immune to emerging threats. A recent report from cybersecurity experts at Ledger has raised serious concerns regarding the security of Trezor’s latest Safe models. While Trezor markets these devices as featuring secure elements and enhanced design, Ledger claims significant vulnerabilities persist.
Despite improvements such as the introduction of dual-chip setups and certified secure elements like the Optiga Trust M, Ledger’s analysis suggests that Trezor’s devices can still fall prey to sophisticated physical supply-chain attacks. Ledger emphasizes that critical cryptographic operations are conducted on a microcontroller that remains vulnerable to advanced exploitation techniques. According to their report published on March 12, 2025, the vulnerabilities stem primarily from the microcontroller labeled TRZ32F429, which is essentially identical to the STM32F429 chip known for its weaknesses against voltage glitching attacks.
These voltage glitching techniques enable unauthorized read and write access to the chip’s memory contents, posing a severe risk to the security of stored PINs and cryptographic secrets. Moreover, although Trezor has implemented tamper-evident measures, Ledger’s researchers note that it is merely a matter of time and effort before a determined hacker could deploy successful attacks, emphasizing that these exploits could be launched entirely in software, making them tough to detect through traditional security measures.
In response to Ledger’s findings, Trezor took to their X account, reassuring users that their funds are safe and pointing out that the techniques cited by Ledger were not new, having been previously documented as methods to bypass certain countermeasures. Nevertheless, the report serves as a critical reminder of the ongoing challenges in the hardware security space.
As the crypto community continues to innovate, remaining alert to these risks is paramount. Both users and manufacturers must advocate for ongoing improvements and updates to combat these types of threats effectively. Investors and users alike should prioritize their hardware wallet choices carefully, continually assessing device security against the persistent evolution of hacking techniques.
