Can hardware wallets be hacked?

156
Can hardware wallets be hacked?
Advertisement
   

Managing cryptocurrency assets can be done in a custodial or non-custodial way. Those who opt for the latter often use a hardware wallet, which provides many benefits but also has a steep learning curve. Even then, the question remains: are these devices 100% secure?

Hardware Wallets Are Powerful

There are many good reasons why so many crypto users rely on hardware wallets to protect their assets. Unlike a software wallet, the hardware unit doesn’t connect to the internet directly. Instead, it often requires a computer or mobile device connection, introducing an extra security layer. Moreover, the private keys and seed phrases are only stored locally. That means no one can access them without physical access to the device and the necessary credentials to use funds.

Although hardware wallets may seem a bit cumbersome initially, they also provide peace of mind. Users do not need to worry about hackers infiltrating their computer or mobile device and stealing their crypto assets in a software wallet. Instead, wallet apps can interface with the hardware unit but not access funds directly. Spending money requires confirmation on the hardware wallet and may require additional two-factor authentication.

There is a small upfront cost when buying a hardware wallet. Numerous manufacturers sell these products at affordable prices. A Ledger device can be had starting at 78 euros, whereas the Satochip costs 25 euros. There are also units by Trezor (starting at 69 euros) and SafePal, which has never been hacked or involved in any hack-related claims, priced at $50.

There is something for everyone in the hardware wallet space. However, users must always prepare for the responsibilities of using these devices. That includes backing up the private keys or seed phrase correctly and ensuring no one can access that data. Embarking on a self-custody journey isn’t without risks, though.

Advertisement
   

Physical Hacks Are Somewhat Possible

Hacking crypto hardware wallet differs from going after software wallet users. As these hardware units have no internet connection, a hacker cannot install malware directly. Instead, they often require physical device access. That should be hard to achieve, assuming device owners don’t leave their wallets out in the open. Even then, one would need access to the PIN code or security keys to use the device.

However, there has been some talk recently about a vulnerable Trezor wallet. Two hackers successfully recovered a lost PIN on the device through some tinkering. While that would be cause for concern, Trezor quickly explained that the bug dated back to 2017 and was patched shortly after its discovery. As such, devices from 2018 and later are safe. However, the vulnerability existed in the past, and it would have been possible to retrieve a forgotten PIN code through that method.

As such, the “hack” is somewhat valid, albeit outdated. Users who have an older Trezor model – or a model from Ledger, SafePal, or other manufacturers – may want to ensure they upgrade their units regularly. Like a computer or TV, hardware wallets come in many iterations. It is never a bad idea to go for a newer model after a few years to avoid any vulnerabilities in older generations.

Self-Custody Might Not Be For You

Over the years, people have dived head-first into cryptocurrency without the necessary knowledge to make well-educated decisions. The same applies to hardware wallets. It is the best option to store cryptocurrency long-term, but it may not be for everyone. Binance CEO Changpeng Zhao recently debated how most users are likely to lose [some of] their funds when opting for self-custody. It is a bigger task than just sending funds to a new address.

While a solid concept, self-custody isn’t always practical. Losing the hardware wallet is not the biggest issue, although a likely scenario for many. Assuming they backed up the security keys correctly, they can restore the wallet quickly through a new device. Unfortunately, many will struggle to back up this information. Writing it on a piece of paper is out of the question. Using encryption is the best option, although it negates convenience.

Another key concept to consider is the idea of “next of kin”. If the owner of a hardware wallet passes away, the funds will not automatically transfer to the next of kin. Centralized exchanges like Binance have built-in procedures to handle such unfortunate developments, making them favourable for storing crypto. Even so, if one is tech-savvy, self-custody is the most viable option.

There are many factors to consider when opting for hardware wallets to store cryptocurrencies. However, they are excellent for those willing to take the necessary steps to keep funds secure. That doesn’t mean they can’t be hacked, but it is a rather unlikely scenario.


Disclaimer: The ‘Crypto Cable’ section features insights by crypto industry players and is not part of ZyCrypto’s editorial content. ZyCrypto does not endorse any company or project on this page. Readers should conduct their own independent research before taking any actions related to the company, product, or project mentioned in this piece.