Ledger 安全团队披露 Trezor Safe 7 所用芯片硬件漏洞，Trezor 称用户资金安全

链捕手

Jun 03

ChainCatcher 消息，据 The Block 报道，Ledger 旗下 Donjon 安全团队在实验室环境下，通过精密激光攻击绕过 Trezor Safe 7 所用 TROPIC01 芯片的固件验证机制，可在攻击者持有设备实物的前提下加载未授权固件。

芯片厂商 Tropic Square 进一步发现，该芯片用于 PIN 验证的 MAC-and-Destroy 安全机制存在额外攻击路径，但将在强化版芯片于 2026 年底推出前暂不公布细节。

Trezor 表示，PIN、助记词备份和私钥从未存放在单一芯片上，已通知合作方且普通用户无需操作，目前可通过关闭芯片 MAINTENANCE 模式降低攻击可行性。

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2640041929"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2640041929\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2640041929?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2026-06-03 20:27","share_image_url":"https://static.laohu8.com/e9f99090a1c2ed51c021029395664489","id":"2640041929","market":"sg","top_or_hot":-1,"title":"Ledger 安全团队披露 Trezor Safe 7 所用芯片硬件漏洞，Trezor 称用户资金安全","media":"链捕手","content":"<html><body><p>ChainCatcher 消息，据 The Block 报道，Ledger 旗下 Donjon 安全团队在实验室环境下，通过精密激光攻击绕过 Trezor Safe 7 所用 TROPIC01 芯片的固件验证机制，可在攻击者持有设备实物的前提下加载未授权固件。</p>\n<p>芯片厂商 Tropic <a href=\"https://laohu8.com/S/XYZ\">Square</a> 进一步发现，该芯片用于 PIN 验证的 MAC-and-Destroy 安全机制存在额外攻击路径，但将在强化版芯片于 2026 年底推出前暂不公布细节。</p>\n<p>Trezor 表示，PIN、助记词备份和私钥从未存放在单一芯片上，已通知合作方且普通用户无需操作，目前可通过关闭芯片 MAINTENANCE 模式降低攻击可行性。</p></body></html>","source":null,"html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>Ledger 安全团队披露 Trezor Safe 7 所用芯片硬件漏洞，Trezor 称用户资金安全</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nLedger 安全团队披露 Trezor Safe 7 所用芯片硬件漏洞，Trezor 称用户资金安全\n</h2>\n\n<h4 class=\"meta\">\n\n\n<a class=\"head\" href=\"https://laohu8.com/wemedia/1041503808\">\n\n\n<div class=\"h-thumb\" style=\"background-image:url(https://community-static.tradeup.com/news/64f0784cc29a0d0070f6e968ef6ec7f5);background-size:cover;\"></div>\n\n<div class=\"h-content\">\n<p class=\"h-name\">链捕手 </p>\n<p class=\"h-time\">2026-06-03 20:27</p>\n</div>\n\n</a>\n\n\n</h4>\n\n</header>\n<article>\n<html><body><p>ChainCatcher 消息，据 The Block 报道，Ledger 旗下 Donjon 安全团队在实验室环境下，通过精密激光攻击绕过 Trezor Safe 7 所用 TROPIC01 芯片的固件验证机制，可在攻击者持有设备实物的前提下加载未授权固件。</p>\n<p>芯片厂商 Tropic <a href=\"https://laohu8.com/S/XYZ\">Square</a> 进一步发现，该芯片用于 PIN 验证的 MAC-and-Destroy 安全机制存在额外攻击路径，但将在强化版芯片于 2026 年底推出前暂不公布细节。</p>\n<p>Trezor 表示，PIN、助记词备份和私钥从未存放在单一芯片上，已通知合作方且普通用户无需操作，目前可通过关闭芯片 MAINTENANCE 模式降低攻击可行性。</p></body></html>\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"SMHX","symbol_name":"VanEck Fabless Semiconductor ETF","start_time":0,"source_url":"https://www.chaincatcher.com/article/2268993","article_id":"2640041929","we_media_id":"1041503808","thumbnails":[],"rights":null,"url":"https://stock-news.laohu8.com/highlight/detail?id=2640041929","pubTimestamp":1780489628,"columns":[],"sourceInfo":null,"weMediaInfo":{"media_name":"链捕手","introduction":"链捕手ChainCatcher 成立于 2018 年，是一家领先的中文 Web3 媒体及数据服务商。","home_visible":1,"id":"1041503808","head_image":"https://community-static.tradeup.com/news/64f0784cc29a0d0070f6e968ef6ec7f5"},"summary":" ChainCatcher 消息，据 The Block 报道，Ledger 旗下 Donjon 安全团队在实验室环境下，通过精密激光攻击绕过 Trezor Safe 7 所用 TROPIC01 芯片的固件验证机制，可在攻击者持有设备实物的前提下加载未授权固件。\n\n芯片厂商 Tropic Square 进一步发现，该芯片用于 PIN 验证的 MAC-and-Destroy 安全机制存在额外攻击路径，但将在强化版芯片于 2026 年底推出前暂不公布细节。\n\nTrezor 表示，PIN、助记词备份和私钥从未存放在单一芯片上，已通知合作方且普通用户无需操作，目前可通过关闭芯片 MAINTENANCE 模式降低攻击可行性。 ","collect":0,"end_time":0,"defaultTopTitle":"","property":[],"viewcount":null,"language":"zh","relate_stocks":{"159813":"芯片","SMHX":"VanEck Fabless Semiconductor ETF","SOXL":"三倍做多半导体ETF-Direxion Daily","FTXL":"First Trust Nasdaq Semiconductor ETF","CHAT":"ROUNDHILL GENERATIVE AI & TECHNOLOGY ETF","BK4588":"碎股","SOXQ":"Invesco PHLX Semiconductor ETF","SOXS":"三倍做空半导体ETF-Direxion Daily","TEKX":"SPDR Galaxy Transformative Tech Accelerators ETF","SOXX":"iShares费城交易所半导体ETF","PSI":"INVESCO SEMICONDUCTORS ETF","SOXY":"YieldMax Target 12 Semiconductor Option Income ETF","BK4585":"ETF&股票定投概念","CHPS":"XTRACKERS SEMICONDUCTOR SELECT EQUITY ETF","XSD":"SPDR S&P Semiconductor ETF","SMH":"半导体指数ETF-HOLDRs","USD":"ProShares Ultra Semiconductors","SSG":"Proshares Ultrashort Semiconductors","CHPY":"YieldMax Semiconductor Portfolio Option Income ETF","BK4535":"淡马锡持仓"},"translate_title":"Ledger Security Team Reveals Hardware Vulnerability of Chips Used in Trezor Safe 7, Trezor Says User Funds Are Safe","themeId":null,"isJumpTheme":false,"ttsUrl":"https://static.tigerbbs.com/79f65baddad032b91fcd2df7adb0388b","symbols_score_info":{"159813":1.5,"SOXQ":1.5,"SOXS":1.5,"XSD":1.5,"SOXY":1.5,"USD":1.5,"CHAT":1.5,"SMH":1.5,"SSG":1.5,"SMHX":1.5,"SOXX":1.5,"CHPS":1.5,"CHPY":1.5,"FTXL":1.5,"PSI":1.5,"SOXL":1.5,"TEKX":1.5},"content_text":"ChainCatcher 消息，据 The Block 报道，Ledger 旗下 Donjon 安全团队在实验室环境下，通过精密激光攻击绕过 Trezor Safe 7 所用 TROPIC01 芯片的固件验证机制，可在攻击者持有设备实物的前提下加载未授权固件。\n芯片厂商 Tropic Square 进一步发现，该芯片用于 PIN 验证的 MAC-and-Destroy 安全机制存在额外攻击路径，但将在强化版芯片于 2026 年底推出前暂不公布细节。\nTrezor 表示，PIN、助记词备份和私钥从未存放在单一芯片上，已通知合作方且普通用户无需操作，目前可通过关闭芯片 MAINTENANCE 模式降低攻击可行性。","kind":"highlight","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"","news_rank":0,"isVideo":false,"video":null,"symbols":[],"gpt_button":0,"need_auth":false,"need_login_tip":false,"code":"91000000","status":"200"}}}