A security flaw that lets attackers brute-force PIN codes on Tangem’s cold wallet cards by cutting the card’s power was revealed yesterday by Donjon, Ledger’s white hat hacker team.
Ledger CTO Charles Guillemet announced the “tearing attack” on X, revealing the exploit in a rival hardware wallet company’s product. Unfortunately for Tangem, Donjon pointed out that existing Tangem cards cannot be patched.
To carry out the attack, Donjon found that powering off the Tangem card before it acknowledges the password attempt stops it from registering failed passwords.
The attacker still needs to determine whether they have found the right password.
By analyzing the electromagnetic emissions the card gives off on each attempt, Donjon found a pattern in the emission peaks that indicates when the correct combination has been found.
By doing this, attackers can try as many passwords as they like without fear of activating security protocols.
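An added illustration, not from the original article and not Tangem's firmware: a simulated card showing why the order of the failed-attempt write and the password comparison matters when power is cut. The class, step names and PIN are constructed, and the "record the attempt first" ordering is a common smartcard countermeasure assumed here, not something the article describes.

```python
import hmac

class PowerLoss(Exception):
    """Models the card losing power in the middle of a command."""

class SimulatedCard:
    """Hypothetical card model; failed_attempts stands in for non-volatile memory."""

    def __init__(self, pin, record_first):
        self._pin = pin.encode()
        self.record_first = record_first  # True = countermeasure ordering
        self.failed_attempts = 0

    def _checkpoint(self, step, tear_at):
        # A tear test cuts power at a chosen step; nothing after it runs.
        if step == tear_at:
            raise PowerLoss(step)

    def verify(self, guess, tear_at=None):
        if self.record_first:
            self.failed_attempts += 1      # assume failure and commit it first
            self._checkpoint("after_record", tear_at)
        ok = hmac.compare_digest(guess.encode(), self._pin)
        self._checkpoint("after_compare", tear_at)
        if ok:
            self.failed_attempts = 0       # success clears the record
        elif not self.record_first:
            self.failed_attempts += 1      # weak ordering: recorded only after compare
        return ok

def recorded_after_torn_guesses(record_first, guesses, pin="4821"):
    """Feed wrong guesses, cutting power right after each compare; return the record."""
    card = SimulatedCard(pin, record_first)   # constructed PIN
    for guess in guesses:
        try:
            card.verify(guess, tear_at="after_compare")
        except PowerLoss:
            pass                              # card is powered up again
    return card.failed_attempts

if __name__ == "__main__":
    wrong = ["0000", "1111", "2222", "3333", "4444"]  # constructed inputs
    print("compare-then-record:", recorded_after_torn_guesses(False, wrong))
    print("record-then-compare:", recorded_after_torn_guesses(True, wrong))
```

A tear test of this kind belongs in firmware regression testing: with the weak ordering the record stays empty after every torn attempt, while with the attempt recorded first each torn attempt still counts.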

The makeshift antenna Donjon built to focus on the chip’s electromagnetic emissions
Donjon describes how long brute-forcing a four-digit code and an eight-digit code would usually take with Tangem’s security protections in place.
With the tearing attack, however, this time is reduced to approximately one hour for a four-digit code and approximately 460 days for an eight-digit code.
It estimates the cost of doing all this will reach $5,000, adding, “The need for physical proximity to the target card remains a prerequisite due to the relatively low setup costs and wide range of attackers.”
In any case, there is not much users can do about the exploit on current Tangem cards, since it is not patchable. Donjon’s advice for at-risk users is therefore to use a password of at least eight characters, with a mix of letters, numbers, and symbols.
Tangem is unfazed by the results of the card research
According to Donjon, Tangem was not troubled by the findings and concluded that the issue was not a vulnerability. “In their opinion, the proposed attack scenario poses no significant risk,” Donjon argued.
For this reason, a Donjon representative told Protos that, despite Donjon “following a responsible disclosure process,” Tangem did not award it any bounty.
In fact, Tangem told Protos that it rewards “practical, real-world vulnerabilities” rather than “a theoretical lab attack that self-destructs by design and requires immeasurable resources.”
According to Tangem, Donjon’s method would essentially “physically destroy the card’s chips long before the access code is guessed.”
Even if the card survived, Tangem said, cracking a four-digit code would take several months, and over 64 years for five digits.
“This study oddly focused on four-digit PINs, but our cards support stronger alphanumeric access codes with symbols, making the actual challenge exponentially more difficult.
“For these reasons, the scenario remains purely academic. The research is technically interesting, but does not represent practical vulnerabilities or risks to users,” concluded Tangem.
However, Donjon found Tangem’s response to its discovery “disappointing,” calling the argument “inaccurate.”
- Donjon said the cards it tested never died and that “the tearing process means that no writing has been done in flash memory.”
- It claims that the exploit speeds up brute-force attacks by “100x,” especially with weak passwords that Tangem rejects.
- Donjon also states that, thanks to its low cost, this security test is necessary for basic-level certification such as “EAL 3 Grade” rather than “sophisticated attacks.”
Ledger is not perfect either
Ledger Donjon is a security research team based at crypto hardware wallet firm Ledger. In addition to supporting Ledger, it says, “Sometimes, teams are also working to improve the security of the ecosystem.”
However, there have been cases where exploits at Ledger had consequences that users felt.
One supply chain attack in 2023 allowed hackers to drain the wallets of users of Ledger’s Connect Kit when a former employee’s account was breached.
In July 2020, Ledger revealed that its e-commerce and marketing databases had been compromised, exposing the personal information of many customers.
By December, this data had leaked, and a series of scammers began sending fake Ledger wallets to exposed customers.


