Anti-klepto explained: how the BitBox02 protects you against leaking private keys Security Anti-klepto explained: how the BitBox02 protects you against leaking private keys The BitBox02 is the first hardware wallet that offers protection against the nonce covert channel attack, by supporting a protocol called anti-klepto.
Remote multisig theft attack on the Coldcard hardware wallet Security Remote multisig theft attack on the Coldcard hardware wallet tl;dr: When registering a multisig wallet in a Coldcard, the Coldcard did not verify that it is actually part of the multisig wallet. This allowed a malicious computer wallet
Coldcard isolation bypass Security Coldcard isolation bypass Responsible disclosure of a Coldcard vulnerability that allows an attacker to spend your bitcoins when you think you are signing a testnet transaction.
How nearly all personal hardware wallet multisig setups are insecure Security How nearly all personal hardware wallet multisig setups are insecure If you use hardware wallets in a Bitcoin multisig setup, using a single computer to handle them, you are likely to be exposed to remote theft or ransom attacks.
A ransom attack on Trezor's and KeepKey's passphrase handling Security A ransom attack on Trezor's and KeepKey's passphrase handling Responsible disclosure of a remote ransom attack on Trezor hardware wallets where users are vulnerable when entering the passphrase on the computer.
Theft attack on Trezor Model T Security Theft attack on Trezor Model T Responsible disclosure of a vulnerability affecting Trezor Model T multisig wallets that allow theft of all funds of an account.