Trezor and Ledger, two of the most widely utilized cryptocurrency hardware wallets, have reaffirmed that the recently discovered vulnerabilities on CPUs and the latest Spectre attacks have not affected hardware cryptocurrency wallets.
Hardware wallets not vulnerable
As Cointelegraph previously reported, Pavol Rusnak, the chief technical officer at Satoshi Labs, the parent company of Trezor, wrote:
“As more people are asking: @TREZOR is not vulnerable to recent Meltdown and Spectre hardware attacks, because it has processor not affected by these. Also our firmware is always signed, so the device never runs untrusted code. Using a hardware wallet is now more important than ever.”
Rusnak emphasized that users should rely on hardware wallets at this specific period of time, because Spectre attacks have drastically impacted the cloud services on which many cryptocurrency exchanges and wallet platforms operate. Earlier today, several cryptocurrency exchanges including Bittrex were taken offline due to the vulnerabilities found in Intel CPUs. These weaknesses affected Azure cloud services offered by Microsoft, and by extension, the exchanges hosted on Azure.
“Meltdown and Spectre show that it is possible for attackers to exploit these design flaws to access the entire memory contents of a machine. The most visceral attack scenario is an attacker who rents 5 minutes of time from an Amazon or Google or Microsoft cloud server and steals data from other customers renting space on that same cloud server.”