Grand Idea Studio

Trezor One Fault Injection

 

Fault injection, also known as ‘glitching,’ is a process to intentionally cause a system to misbehave in a way that is beneficial to an attacker. This technique is commonly used to defeat a microcontroller’s security mechanisms, which are intended to protect access to its debug interface and/or internal memory/data.

The Trezor One is a popular hardware wallet designed to store a user’s cryptocurrency private key. If an attacker is able to extract that private information, they will be able to access the user’s cryptocurrency. The Trezor One features an ST Microelectronics STM32F2-series microcontroller that is known to be vulnerable to glitching

This story follows our journey as we aim to hack a Trezor One and recover $2 million worth of cryptocurrency.

Press

Hamish & Andy

Episode 161

Business Insider

I'm a hacker who helps people ...

Boing Boing

How my friend recovered $2 million ...