Ledger Claims Trezor Safe Devices Remain Vulnerable to Supply Chain Attacks

Ledger has released a detailed security report analyzing the latest Trezor Safe 3 and Safe 5 hardware wallets, highlighting significant security improvements over previous Trezor models.

However, despite these advancements, Ledger warns that the new devices remain vulnerable to specific supply chain attacks due to their reliance on a microcontroller for cryptographic operations.

Ledger's Security Analysis of Trezor Safe Devices

Since its inception, Ledger Donjon has actively conducted open security research on various hardware wallets, including previous Trezor models, such as the Trezor One and Trezor T.

These earlier devices were found to be highly susceptible to physical seed recovery attacks due to their dependence on standard microcontrollers, which are not designed to withstand hardware-based attacks such as voltage glitching.

The release of the Trezor Safe 3 in late 2023, followed by the Safe 5 in mid-2024, marked a major security upgrade for Trezor.

Unlike their predecessors, the new models incorporate an EAL6+-certified Secure Element alongside a microcontroller.

According to Charles Guillemet, CTO Ledger, the Secure Element now handles PIN verification and key storage, making it harder for attackers to extract a user’s private keys through conventional means.

At @Ledger, you might know that we have the @DonjonLedger, our dedicated team constantly conducting open security research.

We recently worked with Trezor, revealing that their Trezor Safe 3 was susceptible to physical supply chain attacks. Here's a thread on our findings:Market News and Data brought to you by Benzinga APIs

© 2025 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

---

Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!

Already a member?Sign in