Has a BTC hardware wallet ever been hacked?

[steppinup]

Maybe a better question is whether BTC in a hardware wallet has ever been stolen?

[amacar2]

Maybe a better question is whether BTC in a hardware wallet has ever been stolen?

I haven't heard about such incident but this can happen, even if passphrase for hardware wallet get lost/stolen you will loss whatever bitcoin you have there if you haven't made backup of it.

But comparatively hardware wallet is the most secure wallet if it is not tampered by manufacturer.

[franky1]

put it this way, they are not 100% fool proof.

envision this.

a hacker makes a trojan with a tool the emulates the browser extension that trezor uses.

so it sits on a computer and waits for someone to plug in their trezor.
next some victim plugs in their trezor. and the trojan displays what looks like the usual trezor page. but this time. its actually the trojan. saying

"error on device, to restore please type in seed"
then the pin number.

and now the hacker has all your details to duplicate your keys on his own device.

hardware wallet are an extra layer of security above just having the private key on you computer.. but dont think they are fool proof. they still need to work on that

[BitcoinBarrel]

There was a recent incident where the owner of KeepKey hardware wallet got hacked and customer information was compromised. The private keys of the user wallets were safe, but still a security risk nonetheless.

[calkob]

The answer is NO, the keepkey incident wasnt in anyway a hack of the hardware i think it was the owner of the company got his email hacked or something like that.  Not great PR but still not a disaster for those using keepkey.  I know for certain that Ledger wallet cant be hacked, the tech in it has been used in European banking cards for years.

[Coin-Keeper]

so it sits on a computer and waits for someone to plug in their trezor.
next some victim plugs in their trezor. and the trojan displays what looks like the usual trezor page. but this time. its actually the trojan. saying

"error on device, to restore please type in seed"
then the pin number.

and now the hacker has all your details to duplicate your keys on his own device.

Its difficult to imagine a user falling for that one!  I suppose anything is possible but wouldn't users know to only initialize their Trezor on a trusted system?

[franky1]

so it sits on a computer and waits for someone to plug in their trezor.
next some victim plugs in their trezor. and the trojan displays what looks like the usual trezor page. but this time. its actually the trojan. saying

"error on device, to restore please type in seed"
then the pin number.

and now the hacker has all your details to duplicate your keys on his own device.

Its difficult to imagine a user falling for that one!  I suppose anything is possible but wouldn't users know to only initialize their Trezor on a trusted system?

the idea of a trusted system is what a hardware wallet meant to be.. not needing internet or a computer.
as soon as you introduce the internet and requirement of downloading a browser extension or bitcoin client. its less than 100% trusted

the next gen hardware wallets should be that the privkey is locked to a inaccessable data source. and just receives public keys via NFC and sends out signed tx's via NFC.

if you need to reset it. you do it from an offline system. not via a browser extension.

[Coin-Keeper]

I agree with your post.  I only do offline updates already!  With Linux, Electrum, and only onion connections, I just don't see how they could get to my Trezor.  I would have to say the better hardware wallets discussed in this forum are only weakened by a pretty serious user error.  Not a little one either, but a major mistake.  I realize that security is my thing in every single way.  I may be surprised but I can't even imagine the "best" out there getting to my Trezor keys.  Not challenging anyone here, just feeling really good about hardware wallet security.  I feel the same about Ledger stuff too.  I need many numerous password wallets from each Trezor I have so I have settled on a Trezor.  So I believe that NO major brand hardware wallet has ever been hacked to date.  I don't count a serious user error as a hack.

[HaXX0R1337]

So I believe that NO major brand hardware wallet has ever been hacked to date.  I don't count a serious user error as a hack.

There is not a single reported incident of a hardware wallet being hacked till now,unless people do make silly mistakes with it it cannot be hacked because it is not always plugged online for the hacker to try something fishy and since everyone uses hardware wallets to store huge amount of coins it is infact a secure method.

[ranochigo]

None, as far as I know of.

Hardware wallets aren't the golden shield to avoid any attacks. They are still vulnerable in the sense that the manufacturer can hide a vulnerability in the source code for hackers to exploit. An example is intentionally weakening the RNG. Users still have to review the source code and audit it.

[romero121]

Haven't heard of such an issue, but people losing their hardware wallet have been found in several articles. Once lost is more than that of losing the private keys.

[achow101]

This entirely depends on your definition of "hacked".

If by "hack" you mean that some vulnerability was found that allows Bitcoin to be stolen, then most certainly. Power analysis vulnerabilities have been found in at least one wallet, Trezor. This vulnerability works by examining the power drawn by the device to determine private keys. This vulnerability was fixed with a firmware update.

There are many attacks that can be done to extract the private keys from a hardware wallet such as Rubber Hose Cryptanalysis. Whether any such attacks have actually been used to steal Bitcoin is unknown.

So, if by "hack" you mean that Bitcoin were stolen from someone who stores their private keys on a hardware wallet, then, AFAIK, there have been no such (documented) "hacks". Even so, that does not mean that hardware wallets are foolproof, just that no one has found a viable way to steal the private keys.

[noormcs5]

There was a recent incident where the owner of KeepKey hardware wallet got hacked and customer information was compromised. The private keys of the user wallets were safe, but still a security risk nonetheless.

No it was not a wallet hack. It was just related to keepkey email hack. I have not heard any incident where hardware wallet is hacked. Unless the person or company deliberately gives the private key, it is impossible to hack.

[lol3c]

If you know how to protect you wallet and your private key, I doubt that there is a possibility that your hardware wallet will be hacked. Try not to download junk file because they may harm your computer and contain Trojan horse. Trojan can easily access your computer and transfer all the Bitoin from your wallet to another.

[Pettuh4]

Well it's not that I know or heard of but it should be possible since a lot of governments and financial institutions have cast doubt on Bitcoin security and are therefore running standard security tests to ascertain its strength before they adopt it full time do until its factually proven to be safe anything can happen.

[deadsilent]

That depends on the owner. All kinds of bitcoin wallet are safe. But if the owner is not responsible at keeping it. He might lose his bitcoin. We're humans. We can be fool. Hackers will find a way to steal your bitcoin. Maybe thru phishing or sending malicious software. Its not about the wallet. Its about the owner. Reponsible owner know how to keep their bitcoin safe.

[BillyBobZorton]

The answer is NO, the keepkey incident wasnt in anyway a hack of the hardware i think it was the owner of the company got his email hacked or something like that.  Not great PR but still not a disaster for those using keepkey.  I know for certain that Ledger wallet cant be hacked, the tech in it has been used in European banking cards for years.

If something depends on the owner getting or not hacker then that product is already a failure.

I think the best way to cold storage keys is still a bip38 paperwallet created in an offline computer.

Other than that, just use Bitcoin Core with a strong password and you are helping activate segwit while you are at it.

[densuj]

Maybe a better question is whether BTC in a hardware wallet has ever been stolen?

If it be stolen as online not and something impossible but it will be different
if the bitcoin be stolen by the people who know the hardware wallet
and I never heard bitcoin be stolen from hardware wallet, it is the most safe wallet.

[erickkyut]

First, what do you mean by bitcoin hardware wallet? Do you mean a wallet that you install in your computer? If that is the thing, even though you install it in your computer, it still needs an online connection because it needs to be registered and updated on the server of your online wallet provider. Yes there are lots of wallets that had been hacked before!

[CARrency]

I researched these before and i have read many articles that their bitcoin wallet is being hacked but not stolen.
Thats why i had some second thoughts of making one and earning bitcoin.
but the good thing is you must really trust this sites because it is their job and all you need to do is to trust them.