Trezor discloses potential vulnerability in older Safe 3 crypto wallets following white hat research by rival Ledger

On March 5, hardware wallet provider Trezor disclosed a potential vulnerability in one of its older crypto wallet models. The attack is largely "theoretical" and would likely only affect users who purchased their device third-hand.

Trezor made the disclosure after its primary rival, Ledger, communicated the issue to the firm. On Wednesday, Ledger released additional insights into the exploit, exploring in greater detail how the extremely technical attack could be pulled off. Donjon, Ledger’s Paris-based security unit, reportedly reused a known "physical supply chain attack" and found that a particular Trezor model released in 2023, Safe 3, remains insecure. 

"Ledger Donjon recently evaluated our Trezor Safe Family and successfully reused a previously known attack to demonstrate how some countermeasures against supply chain attacks in Trezor Safe 3 can be bypassed," Trezor said. 

That said, the attack does not affect most of Trezor's wallets, including its most recent release, Trezor Safe 5, or its first two generations, Trezor Model One and Model T. Moreover, the attack depends on a specific set of circumstances and a high degree of expertise to pull off — making it impractical for widespread exploitation. For that reason, Trezor does not caution immediate action from Safe 3 users, especially if the device was purchased from official sources.

At some point, however, if a third party has physical access to a user's device, it may be at risk.

The attack 

The attack demonstrated by Donjon exploits a weakness in Trezor Safe 3's microcontroller — a small, programmable computer chip that handles user inputs and signs transactions — using a technique called voltage glitching. If an attacker can physically access the device, desolder the microcontroller and apply precise voltage changes, he can trick the device into revealing its flash memory contents. 

This enables the attacker to reprogram the microcontroller with malicious software, potentially allowing the attacker to reveal a wallet’s seed phrase and access the stored funds — whether the hacker currently has access to the device or manipulated it before a victim acquired it.

"While hardware wallets offer strong security, no system is entirely immune to physical attacks," Trezor writes. "Given enough time, expertise, and resources, a determined attacker could theoretically attempt to extract private keys from a stolen device."

To mitigate risks, newer Trezor models include a "passphrase," which is kept off the device as an extra layer of security for a wallet backup. It has also reinforced its multi-layered security, including firmware integrity checks. The Trezor Safe 5 also uses an upgraded STM32U5 microcontroller that is resistant to voltage glitching.

Staying safe

Both Trezor and Ledger suggest that users only purchase devices directly to ensure that a wallet has not been compromised. A third party, like an unauthorized reseller, could tamper with the device during the supply chain process and alter its hardware or software. In other words, users should be aware of a wallet's chain-of-custody, given that these attacks require physical possession, even briefly, of the hardware wallet.

Many newer hardware wallets contain a "Secure Element," a tamper-resistant physical chip in a device designed to protect sensitive information. The Secure Element locks a user's seed phrase behind a PIN, and includes a retry counter to prevent brute-force attacks. However, a weak PIN could still allow an attacker with physical access to unlock it. This is particularly true for Safe 3 devices, which remain vulnerable to microcontroller-based attacks. However, using a longer PIN can make exploitation more difficult.

Users can also check to ensure their wallets are running the correct firmware using the official Trezor Suite, which includes a verification step using a random challenge. Trezor notes users should update their devices to the latest firmware version as upgrades are released and, if there are signs of tampering, reset the device and restore it in a secure environment.

Perhaps most importantly, as Bybit recently learned after its $1.5 billion hack, users should always know whether they are interacting with the application or entity they think they are. This is difficult given the sophistication of certain exploits today, designed to conceal a malicious transaction by "spoofing" a wallet's UI. However, users can learn to use a separate, trusted device (like a clean computer) to avoid any hazards.

If these sound like technical solutions, it's worth noting again that these are highly sophisticated attacks. Unless North Korea's Lazarus Group can find a way to insert itself in the supply chain process between Trezor and an end user, it's unlikely to scale. Instead, if this attack is carried out, it'll likely be against a high-value target. However, that isn't to say users shouldn't be aware of this.

"At Ledger Donjon, our mission is to push the boundaries of security for the benefit of the whole crypto ecosystem," Ledger CTO Charles Guillemet said. "We appreciate Trezor’s responsiveness to this responsible security disclosure, and that Trezor addressed the vulnerabilities we found, showcasing the importance of continuous improvement and cooperation in the crypto space."

Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.

© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.