News linked to both this project and an event.
Ledger's Donjon security research team successfully bypassed the firmware verification system of the TROPIC01 chip inside the Trezor Safe 7 using laser attacks in a laboratory setting. Chip manufacturer Tropic Square subsequently discovered another attack path affecting the chip's MAC-and-Destroy security mechanism. This vulnerability currently impacts all TROPIC01 chips in production within the field. Trezor stated that the TROPIC01 chip is one of three independent security layers within the Trezor Safe 7, and user funds, wallet backups, and private keys are not stored on it.The chip's hardware encryption storage mechanism completely withstood Ledger's extraction attempts during initial testing. Tropic Square has delayed the release of technical details regarding the vulnerability until the launch of a reinforced silicon version of the TROPIC01 chip later in 2026, with full details expected to be disclosed in the spring of 2027.A firmware mitigation is currently available by disabling the chip's MAINTENANCE mode. Trezor CEO Matej Zak stated that PINs, wallet backups, and user fund keys have never been stored on a single chip. (The Block)
According to The Block, blockchain security firm CertiK released a report on May 8 stating that 34 confirmed “wrench attacks” (i.e., offline physical assaults and extortion targeting cryptocurrency holders) occurred globally in the first four months of 2026—an increase of 41% compared to the same period in 2025. Victims’ total losses amounted to approximately $101 million. If this trend continues, the annual number of incidents is projected to reach around 130, with losses potentially totaling hundreds of millions of dollars. Geographically, 28 of the 34 incidents (82%) occurred in Europe, with France standing out particularly: 24 cases were recorded there in the first four months of 2026 alone—exceeding the full-year total of 20 incidents in 2025. CertiK attributes this surge to France’s hosting of flagship crypto firms such as Ledger and Binance, frequent data breaches, and a community culture of conspicuous wealth display and proactive doxxing. In contrast, reported incidents in the U.S. dropped from nine in Q1 2025 to three in Q1 2026, while Asia saw a decline from 25 to two. Regarding attack patterns, CertiK notes that criminal groups have shifted toward a “data-driven targeting” model—purchasing victims’ names, addresses, and asset information from data brokers, thereby reducing the need for physical reconnaissance. Over half of this year’s incidents involved threats against or direct harm to victims’ family members (spouses, children, elderly parents) as a coercive tactic. Operationally, small gangs of three to five individuals typically carry out these attacks via
Ledger Chief Technology Officer Charles Guillemet pointed out that the development of post-quantum cryptography has entered a critical stage. Although the timeline for a practical quantum computer remains unclear, a full-scale migration of the encryption systems across the industry is an inevitable trend. Led by NIST, the traditional sector plans to phase out high-risk algorithms by 2030 and completely ban them by 2035, with government and enterprise institutions expected to complete their migration layouts by 2029. Encryption and key exchange will adopt ML-KEM to defend against quantum decryption attacks on harvested data, with digital signatures becoming the core of blockchain transformation. The traditional industry prefers ML-DSA hybrid schemes, while the blockchain sector favors the more secure and robust SLH-DSA hash-based signature. Both schemes have their respective advantages and disadvantages. The compatibility challenges of post-quantum algorithms with MPC and threshold signatures remain a key risk that the industry urgently needs to address.
Odaily News France has become a hotspot for wrench attacks, with at least 41 cryptocurrency-related kidnappings and home invasions reported this year, averaging one incident every 2.5 days. Jean-Didier Berger, the Deputy Minister of the Interior, stated that a series of new measures are being prepared with Interior Minister Laurent Nuñez to address this issue.A wrench attack refers to the use of physical violence to force victims to transfer crypto assets. Data from Certik and Jameson Lopp shows that globally, there were 72 verified cases of physical coercion in 2025, a 75% year-on-year increase, with cases involving physical assaults rising by 250%. Ledger co-founder David Balland was kidnapped in France in January 2025. Security researchers point out that attackers are shifting from targeting wallets to hunting individuals, using social media and leaked data to identify targets. Due to the irreversible nature of crypto transactions, attackers often convert illicit proceeds into stablecoins and transfer them across chains to evade tracking. Experts recommend using tools such as multi-signature wallets, withdrawal delays, and spending limits to reduce the risk of attack.
According to The Block, U.S. musician Garrett Dutton (stage name G. Love) lost 5.9 BTC—worth approximately $420,000—after downloading and using a counterfeit Ledger wallet app from the App Store and entering his recovery phrase. On-chain analyst ZachXBT discovered that the attacker laundered the stolen Bitcoin via the KuCoin platform. This incident once again exposes the security risks posed by fake wallet apps, reminding users to exercise heightened caution when downloading and using cryptocurrency-related applications, and to avoid entering sensitive information through unofficial channels.