Hardware wallet Trezor was exposed to extract key seeds in just 5 minutes. And the vulnerability cannot be fixed by patch.
electrum trezor vs just trezor
Trezor One: The last generation of Trezor Fist products, with 2 keys and a small LCD screen, connects to the software side of the computer via a USB cable.
Many wallets, including hardware wallets, support this standard, including Breadwallet, Copay, Multibit HD and Mycelium, Jaxx, MetaMask, MyEtherWallet, Keepkey, Ledger, and Trezor, among which Trezor is the proposer of BIP-39.
Satoshi Labs, a provider of hardware wallet Trezor, announced that the latest versions of its two hardware wallets, Trezor One and Trezor Model T, offer a beta download of Bitcoin-only firmware and plan to release a stable version of the Bitcoin firmware next month. SatoshiLabs officials said the update was intended to provide Bitcoin fundamentalists with a two-wallet (Trezor One and Model T) interface that is limited to Bitcoin functionality.
Electrum wallets have been hacked in recent days and nearly 250 bitcoins have been stolen, according to blockchain security team Devi Security Labs. This attack, confirmed by Electrum, involves creating a fake version of the wallet to trick users into providing password information. Electrum responded on Twitter that "this is an ongoing phishing attack on Electrum users and advised users to download wallet apps from the official website." Mars Finance reminds users not to install electrum wallets from unknown sources.
Another upgrade under study is the release of a new version of the Electrum-LTC desktop wallet. Electrum-LTC is an SPV wallet that can be used in Windows, Linux, and OS X operating systems.
In this demo, Electrum developer Chris Belcher shows how to set up and use electrum personal servers.
Why use Electrum? Here are a dozen of the benefits of electrum wallets.
Attackers exploit Electrum's software exceptions to construct malicious software update prompts, induce users to update download malware usage, and alert users to carefully check information, identify official websites and software versions, and sign checks if using electrum prompt updates.
The main reason for the Trezor vulnerability is that it does not have built-in multi-signature functionality, so its multi-signature implementation is to support Electrum extensions. This leads to an attack on Electrum, and Trezor is affected.