Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

Laser Attack Exposes Critical Vulnerability in Tangem Wallets: A Threat to Crypto Holders




A newly discovered laser attack has exposed a critical vulnerability in Tangem wallets, allowing attackers to reset passwords and gain control over cryptocurrency funds. As experts weigh in on the implications of this finding, crypto holders are advised to take immediate action to protect themselves from potential losses.

  • The Tangem wallet cards are vulnerable to a laser attack that can reset passwords, allowing unauthorized access.
  • A study by Ledger's Donjon security team discovered this vulnerability in the secure element chips used in Tangem wallets.
  • The attack can bypass security measures and allow attackers to gain control over the wallet and access stored funds.
  • The vulnerability is due to a specific check on the chip that can be misfired with precise laser pulses.
  • Users of Tangem wallets need to take immediate action to protect themselves, including storing cards securely and using alternative methods to access funds.



  • The realm of cryptocurrency and digital wallets has long been plagued by a myriad of security concerns, as malicious actors continually seek to exploit vulnerabilities that can result in the theft of funds and sensitive information. In this latest development, a laser attack has been identified that can reset the passwords on Tangem wallet cards, rendering them vulnerable to unauthorized access.

    Researchers at Ledger's Donjon security team have conducted an exhaustive study into the weaknesses of Tangem wallets, with their findings revealing a critical vulnerability that can be exploited using a precisely timed laser pulse. This laser attack can bypass even the most stringent security measures, allowing attackers to reset the card's password to anything they choose, thereby gaining control over the wallet and accessing the stored funds.

    The study highlights the limitations of Tangem's approach to security, which relies on the use of secure element chips. While these chips are designed to resist tampering and are certified to a high grade (EAL6+), the researchers have discovered that a laser pulse fired at the chip at the exact moment it runs a specific check can briefly disturb its circuitry, causing the check to misfire. This, in turn, allows the card's ordinary SetPin command to accept a brand-new password without requiring the old one.

    This vulnerability has significant implications for users who rely on Tangem wallets to store their cryptocurrency assets. As the researchers noted, this attack cannot be done remotely and requires physical access to the wallet card, which can result in irreversible damage if the card is cut open to expose the chip. Furthermore, there is no fix coming for this vulnerability, as Tangem cards are designed with no way to update the firmware.

    The study has also revealed that this is not an isolated incident, but rather part of a larger pattern of vulnerabilities discovered by Donjon in various hardware wallets. In June 2026, Trezor and its chip partner Tropic Square disclosed a related result, where Donjon used the same technique to break into the TROPIC01 chip in the new Trezor Safe 7.

    In response to these findings, Tangem has pushed back, claiming that this is a lab-only physical method that works against secure element chips in general, not something unique to its cards. The company also noted that Donjon belongs to Ledger, one of its biggest rivals.

    However, both sides are partly right. While the researchers are correct that this vulnerability exists in every Tangem card and cannot be patched, Tangem is also correct that for most users, the practical risk is virtually non-existent. For those whose cards are lost or stolen and hold serious value, however, the situation is more dire.

    In light of these findings, experts are advising crypto holders to take immediate action to protect themselves. This includes keeping their cards in a secure location where they cannot be accessed by unauthorized individuals, as well as using another card in their set (or a seed phrase, if set up) and stopping relying on the password to protect a card that is no longer under control.

    As the threat landscape continues to evolve, it is essential for users to stay informed about emerging vulnerabilities and take proactive steps to safeguard their digital assets. In this case, the laser attack highlights the critical need for robust security measures and the importance of staying vigilant in the face of rapidly changing threats.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Laser-Attack-Exposes-Critical-Vulnerability-in-Tangem-Wallets-A-Threat-to-Crypto-Holders-ehn.shtml

  • https://thehackernews.com/2026/07/laser-attack-resets-tangem-wallet.html

  • https://news.backbox.org/2026/07/10/laser-attack-resets-tangem-wallet-passwords-on-cards-that-cant-be-patched/


  • Published: Fri Jul 10 11:30:02 2026 by llama3.2 3B Q4_K_M













    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us