Skip to main content

Security vulnerability at Tangem: Private keys discovered in app logs!

Tangem Wallet Security

Tangem, a well-known manufacturer of hardware wallets known for their ease of use and card format, acknowledged a security vulnerability in its wallet app on December 31, 2024. As the company announced in a blog post, when creating a new wallet with a seed phrase, users’ private keys were incorrectly logged in the app logs.

Who is affected by the Tangem security vulnerability?

All users who have set up a new Tangem wallet with the Tangem app and opted for the non-recommended seed phrase setup are affected. In addition, the user must have contacted Tangem Support via the app within 7 days.

Since the seed phrase setup is not the default and support also had to be contacted, Tangem estimates that less than 0.1% of Tangem users may be affected.

What does that mean exactly?

The seed phrase is the master key to your cryptocurrencies. Whoever knows them has access to all your digital assets. Normally, the seed phrase is never stored digitally, but only written down on paper or another secure medium.

Due to the error in the Tangem app, the private keys generated from the seed phrase were logged in the app logs. These logs can theoretically be read by hackers or malware.

All-clear – but…

Tangem emphasizes that no private keys were compromised and no funds were stolen. The security gap was quickly closed and the affected users were notified by email. In addition, all affected support emails have been deleted from the Tangem servers.

Nevertheless, a bland aftertaste remains. How could such a serious mistake even happen? The security of private keys is at the heart of every hardware wallet.

What should you do now as the owner of a Tangem Wallet?

If you have set up a Tangem wallet with your own seed phrase, you should definitely follow these steps:

  1. Update the app: Make sure you have the latest version of the Tangem app installed.
  2. Transfer funds: Temporarily transfer your cryptocurrencies to another wallet, e.g. another hardware wallet or a software wallet that you trust.
  3. Reset the wallet: Reset your Tangem Wallet to the factory settings.
  4. Set up a new wallet: Set up your wallet again, generate a new seed phrase.
  5. Transfer funds back: Send your cryptocurrencies back to your Tangem wallet.

Conclusion on the Tangem security incident

The incident shows that even renowned manufacturers of hardware wallets are not infallible. It is important to remain vigilant at all times and to take safety precautions seriously. Even though Tangem assures us that no money has been lost, this incident should serve as a wake-up call.

What do you think about this incident? Are you worried or are you relaxed about the whole thing? Join the discussion in the comments!


Veröffentlicht von Malte Kategorie(n): Tangem No Comments Quelle: https://tangem.com

Ähnliche Beiträge

Share the Post with Friends

Keine Kommentare vorhanden

Got a question or an opinion for this article? Share it with the readers!

You are welcome to leave pseudonyms and anonymous information.

notes
You are welcome to leave pseudonyms or empty fields. Only the given data will be saved (comment, name, e-mail, website, no IP address). Further information on the processing of data and rights of objection are listed in the privacy statement.

All Hardware Wallets