WalletScrutiny on Nostr: Kaspersky took apart a modified Trezor Model T. Key take aways: * The modification ...
Kaspersky took apart a modified Trezor Model T. Key takeaways:
* The modification was not detectable upon visual inspection
* The device performed like a normal device
* It had "firmware 2.0.4" installed, which to a normal user would not raise suspicion
* It used poor entropy - a set of only 20 possible seed phrases. This entropy is so small it probably is designed to let the user get new keys on demand but different victims would probably have different sets of keys so as not to find other people's coins
* It prevented effective passphrase protection by only considering the first letter of a passphrase - the user would feel protected by seeing different wallets for different passphrases but the hacker could trivially brute force all possible passphrases
https://www.kaspersky.com/blog/fake-trezor-hardware-crypto-wallet/48155
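
Added example, not part of the original post and not code from WalletScrutiny, Kaspersky or Trezor: a self-check for the passphrase weakness described above, comparing standard BIP-39 seed derivation with an assumed model of the tampered behaviour (`tampered_seed`, which keeps only the first passphrase character). The mnemonic is the public BIP-39 test phrase, and the 95-character printable-ASCII passphrase alphabet is an assumption.

```python
import hashlib
import unicodedata

# Public BIP-39 test mnemonic, used here as constructed sample input.
SAMPLE_MNEMONIC = ("abandon " * 11 + "about").strip()


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Standard BIP-39 seed: PBKDF2-HMAC-SHA512, 2048 rounds,
    salt = "mnemonic" + passphrase, 64-byte output."""
    password = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def tampered_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Assumed model of the modified firmware: only the first
    character of the passphrase reaches the key derivation."""
    return bip39_seed(mnemonic, passphrase[:1])


def passphrase_is_honoured(derive, mnemonic: str) -> bool:
    """Defender check: two passphrases that share a first letter must
    produce different seeds (and therefore different wallets)."""
    return derive(mnemonic, "alpha-1") != derive(mnemonic, "alpha-2")


def effective_wallets(seed_count: int, first_char_choices: int) -> int:
    """Wallets an attacker must scan: every seed phrase combined with
    every possible first character, plus the empty passphrase."""
    return seed_count * (first_char_choices + 1)


if __name__ == "__main__":
    print("standard derivation honours passphrase:",
          passphrase_is_honoured(bip39_seed, SAMPLE_MNEMONIC))
    print("tampered model honours passphrase:",
          passphrase_is_honoured(tampered_seed, SAMPLE_MNEMONIC))
    # 20 seed phrases (from the post) x 95 printable ASCII characters (assumed)
    print("wallets to scan:", effective_wallets(20, 95))
```

On a real device the same check is done by hand: enter two passphrases that differ only after the first character and confirm that the resulting wallets show different addresses.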