The Crypto Con

A Simple Say It Like It Is Blog That Occasionally Drops a Few Crypto Truth Bombs

The Crypto Con Truth Bomb No.2 – No, Hardware Wallets are Not 100% Secure

In the first article of my Crypto Con series, I exposed how any PC, laptop, or server running any modern Intel or AMD processor is a cybersecurity catastrophe waiting to happen. This is because of backdoors like the Intel Management Engine and AMD’s Platform Security Processor. Specifically, these are backdoors that exist at the hardware level, built into the physical architecture of the processors themselves.

If you haven’t read that article, click here now to do so. Thankfully, as a security-aware and consumer tech-savvy crypto user, you likely already know better than to keep your Bitcoin bags on exchanges like Coinbase. You likely also want access to your portfolio on the go. This is why your crypto stash is probably secreted away in an ultra-secure hardware wallet or app on your phone instead of your Intel or AMD-powered PC.

The only question is, is your crypto really safer stored this way?

Sorry Girls, Cryptocurrency Hardware Wallet CPUs Have Big Vulnerabilities Too

If you own a cryptocurrency hardware wallet, there is a 99% chance that you are using an ARM-based processor in that device. The same is true for any Android or Apple phone you might live most of your virtual life through.

The good news in either case is that ARM-based devices don’t have a direct equivalent of the Intel Management Engine. This means that neither Intel nor your 3-letter government agency of choice can remotely dial a hidden network stack on your Trezor or Ledger and start peeking at your crypto stash.

However, what ARM does have embedded into the architecture of every ARM CPU is something called ‘TrustZone.’

What is TrustZone?

Like the IME and AMD’s PSP, TrustZone is a proprietary, hardware-based security extension for post-2004 ARM CPUs and microcontrollers. At the microprocessor level, it creates two distinct environments in which an ARM-powered device’s hardware and host software operate.

On one side, there is the TrustZone ‘Normal World.’ This is the world you boot most of your applications in, interact with your device in, and browse the Internet in. On the other side of TrustZone, there is what ARM calls the ‘Secure World.’ This is a separate virtual area isolated from the Normal World, where sensitive data such as cryptographic keys and passwords are stored.

Many cryptocurrency hardware wallets on the market even hail their use of TrustZone technology as a USP in their marketing collateral. TrustZone is also what Samsung is indirectly referring to when the words “Secured by Knox” flash up on your Samsung phone or tablet when booting. Samsung Knox, if you like, is just TrustZone rebranded.

The Trouble With TrustZone

Like Intel’s Management Engine and AMD’s Platform Security Processor, TrustZone technology is hard-baked at a hardware level into ARM CPUs. However, unlike the IME and PSP, which run on their own processors and network stacks independent of your machine’s main CPU and network stack, TrustZone’s Normal World and Secure World share the exact same physical CPU and device system resources.

In effect, there is just a proprietary software barrier isolating each world from the other. And this is where problems start.

Known TrustZone Vulnerabilities

Cryptocurrency hardware wallet manufacturers like Ledger and Trezor often hail the separate security environments of TrustZone as being fundamental to keeping your crypto secure. However, because both environments use the exact same device resources, devices are susceptible to several known security exploits.

  • Major TrustZone security exploits include side-channel attacks, where attackers, hackers, or government agencies exploit shared system resources to gain access to sensitive data like cryptographic keys. In one such case in 2020, Kraken successfully used an exploit of this kind to hack a Trezor hardware wallet in just 15 minutes.
  • In a cache attack, ARM TrustZone attackers can attempt to access ARM cache memory to expose data such as cryptographic keys. As recently as 2024, security researchers demonstrated that such attacks were still possible against ARM-based Apple Silicon chips operating in leading Apple products. Apple also conceded that, while this exploit can be patched, doing so is beyond the ability of most end users and would also hurt device performance.
  • Firmware attacks, such as the recently discovered ‘Dark Skippy’ attack, allow malicious or state actors to recover data such as entire seed phrases stored on crypto hardware wallets by compromising the firmware of specific chips in those wallets, thereby bypassing the security offered by CPU-embedded security environments like TrustZone.

There are actually too many TrustZone attack vectors to list here concisely. Make no mistake, though, any ARM-based hardware wallet you might be using is not as secure as you might like to think.

As of 2025, it is essentially the case that as soon as someone has physical access to your phone or hardware wallet (even for just a matter of minutes), it is only a matter of time until they figure out how to steal your stash.

Is Crypto a Con?

Let’s not beat around the bush. In my Crypto Con series, it will eventually become apparent to most readers that the same tech vulnerabilities undermining the use case for cryptocurrency also undermine things like the basic use case of regular online banking. Anyone with an exploit for the Intel Management Engine or the like can, after all, drain your real-world bank account just as quickly as they can your crypto portfolio.

The thing is, in the past, we could at least hide jewels, gold, and good old hard cash under a mattress or in a pot under a Shawshank Redemption tree somewhere. Now, we live in a world where, as hard cash declines in value, we’re sold cryptocurrency as inflation-proof, recession-proof, and bulletproof against bank runs and government confiscation. In fact, if you haven’t got some by now, you’re just silly.

Make no mistake, though – crypto is far from bulletproof. In fact, it will likely prove to be the easiest form of currency humans have ever created for state actors and nefarious hackers to completely plunder and wrest total control of, before most of us know what’s happening.