Ledger researchers reset Tangem wallet passwords with a single laser pulse, revealing an unpatchable firmware flaw


4 recorded changes
Want your article here?
Promote with Leviathan News

4 recorded changes
Want your article here?
Promote with Leviathan NewsLedger Donjon used a single nanosecond laser pulse to fault Tangem’s SetPin recovery check, set an attacker-controlled password, and gain signing control without the old password or a backup card. Donjon says every Tangem card in circulation is exposed, recovery settings do not stop the attack, and the immutable firmware leaves no patch path after its February 10, 2026 disclosure to Tangem. The team reports 100% success in its tests, but each run still needs physical possession, invasive chip access, a roughly $250,000 lab, and about two hours once the fault parameters are known.
TLDR by @Benthic

trezor.io ·

𝕏/@WuBlockchain ·

The Block ·

𝕏 ·

Securelist ·

CoinTelegraph ·

trezor.io ·

𝕏/@WuBlockchain ·

The Block ·

𝕏 ·

Securelist ·

CoinTelegraph ·
🚀 Love DeFi? Ready to dive in and start earning $SQUID while making an impact?