Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Laser Pulse Vulnerability in Tangem Wallets Exposes Security Risks

Laser Pulse Vulnerability in Tangem Wallets Exposes Security Risks

Posted on July 10, 2026 By CWS

Researchers from Ledger’s Donjon security team have uncovered a significant vulnerability in Tangem crypto wallets. A laser pulse, precisely targeted at the chip inside these cards, can reset the card’s password to any value the attacker desires. This flaw underscores potential security risks for owners of these wallets.

Understanding the Tangem Wallet Vulnerability

The Tangem wallet, resembling a typical bank card, includes a Samsung S3D232A chip, designed to safeguard crypto assets by resisting tampering. This chip holds the private key essential for managing cryptocurrencies. Security relies on two factors: possessing the card and knowing its password.

The key issue lies in the password reset functionality. Tangem sells cards in sets, allowing users to reset passwords by pairing cards. During this process, the card checks if it’s in recovery mode, allowing a password change without the old one. A laser pulse at this moment disturbs the chip’s circuitry, tricking it into recovery mode, thereby permitting a new password to be set without previous credentials.

Challenges and Limitations of the Attack

Executing this attack is not straightforward. It requires sophisticated equipment, including a laser setup and detailed knowledge of the chip’s architecture, making it feasible only in a lab setting. The card must be physically opened, causing noticeable damage, and the attack costs approximately $250,000.

Importantly, Tangem cards are not updatable, presenting a permanent vulnerability. While this design feature aims to prevent remote tampering, it also means the flaw cannot be patched, leaving all existing cards exposed to this potential attack.

Industry Responses and Implications

Tangem has responded to the findings, highlighting that the attack method is not specific to their products but applies to secure element chips generally. The company also noted the impracticality of such an attack given the cost and the inability to determine a card’s value without prior knowledge.

Despite the flaw’s existence, Tangem emphasizes that no funds have been lost to such laser attacks on hardware wallets to date. This incident illustrates the ongoing arms race in crypto security, where even advanced defenses like EAL6+ certification can have vulnerabilities.

Protective Measures for Users

For most Tangem wallet owners, immediate action is unnecessary. The attack requires physical access to the card, so maintaining possession is key. However, if a card is lost or stolen, users with significant crypto holdings should transfer assets to a secure location using a backup card or seed phrase.

This incident serves as a reminder of the need for vigilance in the rapidly evolving field of crypto security, where even seemingly secure solutions can have hidden weaknesses.

The Hacker News Tags:chip vulnerability, crypto security, crypto theft, crypto vulnerability, Donjon research, hardware wallet, laser attack, laser pulse, Ledger, password reset, secure element, security flaw, Tangem wallet, unpatchable flaw, wallet security

Post navigation

Previous Post: Critical GNU Guix Vulnerabilities Permit Remote Attacks
Next Post: Critical Linux FUSE Flaw Allows Root Access

Related Posts

PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain PyPI Warns of Ongoing Phishing Campaign Using Fake Verification Emails and Lookalike Domain The Hacker News
CISA Urges Patching of Apple and CMS Vulnerabilities CISA Urges Patching of Apple and CMS Vulnerabilities The Hacker News
Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks Storm-2603 Deploys DNS-Controlled Backdoor in Warlock and LockBit Ransomware Attacks The Hacker News
SloppyLemming Uses New Malware Chains on South Asian Governments SloppyLemming Uses New Malware Chains on South Asian Governments The Hacker News
Negotiator Admits Role in 2023 BlackCat Ransomware Scandal Negotiator Admits Role in 2023 BlackCat Ransomware Scandal The Hacker News
Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods Four Arrested in £440M Cyber Attack on Marks & Spencer, Co-op, and Harrods The Hacker News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AI Gateways: Emerging Targets for Cyber Attacks
  • Hacker Server Leak Unveils Massive WordPress Breach
  • Critical Linux FUSE Flaw Allows Root Access
  • Laser Pulse Vulnerability in Tangem Wallets Exposes Security Risks
  • Critical GNU Guix Vulnerabilities Permit Remote Attacks

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AI Gateways: Emerging Targets for Cyber Attacks
  • Hacker Server Leak Unveils Massive WordPress Breach
  • Critical Linux FUSE Flaw Allows Root Access
  • Laser Pulse Vulnerability in Tangem Wallets Exposes Security Risks
  • Critical GNU Guix Vulnerabilities Permit Remote Attacks

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark