Uncovered Vulnerability in Tangem Cards by Ledger.
In a recent development, the security team from Ledger has discovered a vulnerability in Tangem's hardware wallet cards. This vulnerability, located in the 'Secure Channel' - an encrypted communication channel between the card and the app, could potentially compromise the security of users' assets.
The vulnerability allows an attacker, given a four-digit PIN, approximately 30 minutes to gain access to the card. Each failed password attempt increases an internal counter, but this counter is only permanently written to memory at the end of the decryption process. This means that if the card is disconnected from power at the crucial moment, the failed attempt remains unsaved, allowing attackers to make practically unlimited attempts without the usual delays.
Under lab conditions, researchers achieved around 2.5 attempts per second, which is approximately 100 times faster than normal. This speed could potentially crack a four-digit PIN in just one hour instead of five days.
Tangem, however, argues that the attack is a complex hardware experiment with limited practical relevance. They also highlight their Access-Code protection, which allows users to create robust codes from any combination of numbers and characters, with a minimum length of four digits.
It's important to note that Tangem cards cannot be secured via firmware updates, leaving already shipped cards potentially vulnerable. This discovery underscores the importance of choosing secure hardware wallets and implementing strong password practices.
As the situation develops, both Tangem and Ledger are encouraged to collaborate and address this vulnerability to ensure the safety and security of their users' assets.
