Opinion by: Igor Zemtsov, chief know-how officer at TBCC
Crypto safety is a ticking time bomb. Updatable firmware may simply be the match that lights the fuse.
{Hardware} wallets have turn out to be the holy grail of self-custody, the last word safeguard towards hackers, scammers and even authorities overreach. There’s an inconvenient reality, nevertheless, that most individuals ignore: Firmware updates aren’t simply safety patches.
They’re potential backdoors, ready for somebody — whether or not a hacker, a rogue developer or a shady third celebration — to kick them broad open.
Each time a {hardware} pockets producer pushes an replace, customers are pressured to select. Hit that replace button and hope for the perfect, or refuse to replace and danger utilizing outdated software program with unknown vulnerabilities. Both method, it’s a raffle.
In crypto, a foul gamble can imply waking as much as an empty pockets.
Firmware updates aren’t at all times your pal
Updating firmware appears like frequent sense. Extra safety! Fewer bugs! Higher person expertise!
Right here’s the factor: Each replace can also be a possibility not only for the pockets supplier however for anybody with the ability, or motivation, to tamper with the method.
Hackers dream of firmware vulnerabilities. A rushed or poorly audited replace can introduce tiny, nearly imperceptible flaws — ones that sit within the background, ready for the fitting second to empty funds. And the perfect half? Customers won’t ever know what hit them.
Then there’s the extra unsettling chance: deliberate backdoors.
Current: Hardware wallet Ledger helps competitor Trezor resolve security vulnerability
Tech firms have been pressured to incorporate government-mandated surveillance instruments earlier than. What makes anybody assume {hardware} pockets makers are exempt? If a regulatory company — or worse, a prison group — desires entry to personal keys, firmware updates are the right assault vector. One hidden operate. One disguised line of code.
That’s all it takes. Nonetheless assume firmware updates are innocent?
Firmware vulnerabilities are already being exploited
This isn’t some far-fetched, doomsday situation. It has already occurred.
Ledger, one of many greatest names in crypto safety, had a serious safety disaster in 2018 when safety researcher Saleem Rashid exposed a vulnerability that allowed attackers to switch Ledger Nano S firmware and hijack non-public keys. Almost 1 million gadgets have been in danger earlier than a repair was rolled out. The scary half? There was no method for customers to know if their gadgets had already been compromised.
In 2023, OneKey suffered a similar nightmare. White hat hackers demonstrated that its firmware may very well be cracked in mere seconds. No crypto was misplaced — this time. However what if actual attackers had discovered the flaw first?
Then got here the “Dark Skippy” exploit, taking firmware-based assaults to a completely new degree. With simply two signed transactions, hackers might extract a person’s whole seed phrase — with out setting off a single alarm. If firmware updates may be manipulated this simply, how can anybody make certain their belongings are protected?
The hidden value of updatable firmware
To be truthful, not all firmware updates are safety disasters. Ledger makes use of a proprietary working system and safe component chips for added safety now. Trezor takes an open-source method, permitting the neighborhood to scrutinize its firmware. Coldcard and BitBox02 give customers guide management over updates, lowering — however not eliminating — danger.
Right here’s the actual query: Can customers ever be 100% positive that an replace gained’t introduce a deadly flaw?
Some wallets have determined to remove the chance altogether. Tangem ships with fastened, non-updatable firmware, that means that its code can by no means be altered as soon as the gadget leaves the manufacturing facility. No updates. No patches.
In fact, this method has its trade-offs. If a vulnerability is found, there’s no approach to repair it. However in safety, predictability issues.
Actual crypto safety means taking again management
The crypto market was value $2.79 trillion as of March 2025. With that a lot cash on the desk, cybercriminals, rogue insiders and overreaching governments are at all times searching for weak factors. {Hardware} pockets makers must be laser-focused on safety.
Selecting a {hardware} pockets shouldn’t really feel like playing with non-public keys. It shouldn’t contain blind belief in an organization’s capacity to push updates responsibly. Customers deserve greater than imprecise reassurances. They deserve safety fashions that put management the place it belongs — with them.
Safety isn’t about comfort. It’s about management. Any system that requires trusting unknown builders, opaque replace processes or firmware that may be modified at will? That’s not management. That’s a legal responsibility.
The one actual approach to hold a {hardware} pockets protected? Take away the guesswork. Strip away the blind belief. All the time analysis the builders’ backgrounds, examine their observe document for safety incidents, and see how they’ve dealt with previous vulnerabilities. Persist with verifiable info — safety ought to by no means be based mostly on assumptions.
Opinion by: Igor Zemtsov, chief know-how officer at TBCC.
This text is for common info functions and isn’t supposed to be and shouldn’t be taken as authorized or funding recommendation. The views, ideas, and opinions expressed listed here are the creator’s alone and don’t essentially replicate or symbolize the views and opinions of Cointelegraph.
