Laser vs Tangem: Critical vulnerability in hardware wallets discovered by experts
My colleagues from the Ledger Donjon research division conducted an in-depth security analysis of Tangem hardware wallets and identified a critical vulnerability. The essence of the attack is frighteningly simple to understand but complex to execute: using a powerful laser, an attacker with physical access to the storage card can reset the password and gain full control over all associated digital assets.
At first glance, Tangem wallets look like ordinary bank cards. Inside, they feature a secure Samsung chip with EAL6+ certification, responsible for generating and storing keys as well as signing transactions. The master key never leaves the card, and access to funds is protected by two factors: physical possession of the card and knowledge of the password.
The weak link, as our analysis showed, is the password recovery logic. Cards are sold in sets of two or three with a shared master key, and the standard mechanism allows password reset when two linked cards are present. This function is where the root of the problem lies.
What the vulnerability entails
In the recovery mechanism, there is a conditional check: whether the card is in recovery mode. If so, a new password is accepted without entering the old one. The goal of the attack is to "break" this single check, forcing the card to accept a new password without actually being in "real recovery mode." Compounding the issue is that the password change command has no brute-force protection. Unlike authentication commands, it does not introduce delays or lockouts after multiple failed attempts, allowing repeated tries.
In my assessment, resetting the password gives the attacker full control over the wallet. Afterward, they can sign any transactions and withdraw all funds associated with the card.
How the attack is carried out and what it means
The attack itself is technically complex and invasive. Researchers cut open the plastic card casing with a scalpel, removed the protective shield, exposed the silicon chip die, and re-soldered the antenna for stable power.
The primary method was laser fault injection. This involves directing a powerful infrared light pulse at a specific point on the die at a precise moment of operation, temporarily altering transistor states and disrupting the program flow—in this case, bypassing the required check. A separate challenge was the chip's own protection: upon detecting interference, the chip would write data to flash memory, and after approximately 256 such events, the cards would become permanently non-functional. To circumvent this, the team learned to monitor writes in real-time and cut power before completion.
It is important to emphasize: disabling the password recovery function does not help. This setting only blocks one of the legitimate recovery commands, whereas the attack does not use it but directly targets the state check.
At the same time, the company rightly notes the high barrier to execution. The attack requires physical access to the card, specialized laboratory equipment costing around $250,000, and deep expertise in hardware security. On a prepared model, it achieved 100% reproducibility, with each new attempt taking about two hours.
My analysis: This finding is not a cause for panic, but a serious wake-up call for the industry. It demonstrates that even certified chips with the highest security levels (EAL6+) are vulnerable to physical attacks if the software logic of their use has flaws. The key takeaway for Tangem users: no patch exists, but the real risk only arises if the card is lost or stolen. If it remains with the owner, the described scenario is impossible. Store your cards as carefully as cash in a wallet, and use additional security measures such as multi-signature or hardware wallets with a PIN and seed phrase.