Securely storing digital assets is a major concern for most cryptocurrency users. Wallets can be vulnerable to attack and while there are ways to protect yourself, not all users are as vigilant as others. For this reason, many people — including myself — have suggested using hardware wallets for storage because of their offline nature and robust security features.
However, a recent post on Medium suggests that even these devices are not immune to attack. One of the most popular hardware wallets, Trezor, apparently was vulnerable. But how much do Trezor users need to worry?
Worrying, but not Damning
The original post claimed that all Trezor devices were vulnerable to a fairly simple hack that allowed private keys to be stolen from the device. As we all know, private keys control coins, so you need to be in control of your keys if you want to ensure you own coins. If this vulnerability were exploited, then all the coins kept on the Trezor would be stolen from the device’s owner.
The largest limitation to this attack is that it requires physical access to the hardware wallet itself. This means that there may have been relatively few potential victims, since many people who have hardware wallets keep them inside a safe or vault.