Tangem wallet brute force vulnerability revealed by rival Ledger

A security flaw that lets hackers brute force the PIN code of Tangem's cold wallet cards by cutting off their source of power was revealed yesterday by Ledger's white hat hacker team, Donjon. Ledger CTO Charles Guillemet announced the "tearing attack" on X after disclosing the exploit to the rival hardware wallet firm. Unfortunately for Tangem, Donjon noted that it can't be patched on already existing Tangem cards.

The attack relies on Donjon's discovery that cutting a Tangem card's source of power before it acknowledges a password attempt stops it from registering a failed password. A hacker would then need to determine whether they've found the right password. Donjon discovered that by analyzing the electromagnetic emissions the card emits with each attempt, they can see a pattern of peaked electromagnetic emissions indicating that the correct combination was found. By doing this, hackers can attempt as many passwords as they like without fear of activating any security protocols.

[Image: The makeshift antenna Donjon created to focus on the chip's electromagnetic emissions]

Donjon says it would normally take five days to brute force a four-digit code with Tangem's security protections, and roughly 148 years to brute force an eight-digit code. However, the "tearing attack" reduces this time to ~1 hour for a four-digit code, and ~460 days for an eight-digit code, as it allows for two and a half password attempts every second.

It estimates that the cost to carry all this out would come to $5,000, adding that, "While the setup cost is relatively low, making it accessible to a wider range of attackers, the need for physical proximity to the target card remains a prerequisite."

Regardless, there's not much that can be done to fix the exploit for the…
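The ordering problem behind a tearing attack, and the usual firmware-side defence against it, shown as an added example in C (not code from the article, Donjon or Tangem). It assumes a constructed card model with a simple retry counter and lockout; `card_nvm`, `MAX_TRIES`, the PIN value and the function names are all hypothetical, and the article does not describe Tangem's actual firmware.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_TRIES 3  /* assumed lockout threshold */
/* Constructed model: these fields survive power loss (non-volatile memory). */
typedef struct { char pin[5]; int tries_left; } card_nvm;
typedef enum { NO_TEAR, TEAR_AFTER_COMPARE } tear_point;  /* simulated power cut */

/* Constant-time compare so the model itself has no timing side channel. */
static bool pin_equal(const char *a, const char *b, size_t n) {
    unsigned char diff = 0;
    for (size_t i = 0; i < n; i++) diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

/* Weak ordering: the failure is recorded only after the comparison,
 * so a power cut between the two steps leaves tries_left untouched. */
int verify_compare_then_count(card_nvm *c, const char *guess, tear_point t) {
    if (c->tries_left <= 0) return -1;            /* locked */
    bool ok = pin_equal(c->pin, guess, 4);
    if (t == TEAR_AFTER_COMPARE) return -2;       /* power lost, nothing written */
    if (!ok) { c->tries_left--; return 0; }
    c->tries_left = MAX_TRIES;
    return 1;
}

/* Hardened ordering: spend a try in NVM first, compare second, and
 * restore the counter only on success. A power cut can only cost a try. */
int verify_count_then_compare(card_nvm *c, const char *guess, tear_point t) {
    if (c->tries_left <= 0) return -1;            /* locked */
    c->tries_left--;                              /* committed before compare */
    bool ok = pin_equal(c->pin, guess, 4);
    if (t == TEAR_AFTER_COMPARE) return -2;       /* power lost, try already spent */
    if (ok) { c->tries_left = MAX_TRIES; return 1; }
    return 0;
}

/* Counts wrong guesses with a power cut that the card accepts before locking. */
int torn_attempts_until_lock(int (*verify)(card_nvm *, const char *, tear_point), int cap) {
    card_nvm c = { "4821", MAX_TRIES };           /* constructed sample PIN */
    int n = 0;
    while (n < cap && verify(&c, "0000", TEAR_AFTER_COMPARE) != -1) n++;
    return n;
}

int main(void) {
    printf("weak: %d, hardened: %d\n", torn_attempts_until_lock(verify_compare_then_count, 1000),
           torn_attempts_until_lock(verify_count_then_compare, 1000));
    return 0;
}
```

The hardened ordering only closes the counting gap; it does nothing about the electromagnetic leak that tells an observer whether a guess was correct.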