Ledger Exposes Critical Laser Vulnerability in Tangem Hardware Wallets
Ledger Donjon, Ledger’s security research team, has uncovered a security vulnerability on Tangem hardware wallets. According to their recently published security disclosure, malicious actors
A
AnonymousCryptoCompass newsroom
July 11, 2026
2 min read
NEWS
CryptoCompass editorial visual for markets coverage.
Ledger Donjon, Ledger’s security research team, has uncovered a security vulnerability on Tangem hardware wallets. According to their recently published security disclosure, malicious actors could gain control of users’ cryptocurrencies using laser pulses to bypass password checking on Tangem wallets.
Here’s the anatomy of the attack: a malicious actor melts away the outer casing of a Tangem card using chemical solvents or high-precision tools to reveal the silicon chip inside. They then use probes to “listen in” on the electromagnetic changes taking place as the card processes a password. This exposes the specific timing of when the card’s firmware is most vulnerable.
At this point, an attacker fires lasers at the card, hence the name “Laser Fault Injection (LFI)” attack. This essentially corrupts the card’s verification process, giving the attacker full access to the wallet.
So far, there are no reported cases of this kind of theft. Researchers and the Tangem company also agree that the occurrence is rare since the laser technology used to penetrate the card costs about $250,000. Additionally, the situation demands physical access to the card and cannot be performed remotely.
Possible victims and theft prevention
Companies such as Arculus and Cypherock X1 offer a similar product, but no such vulnerabilities have been reported. However, while they lack Tangem’s specific password-reset bug, all microchip-based cards are inherently vulnerable to LFI.
That said, the orchestrators of such an attack would likely be state-sponsored actors, law enforcement, or highly funded criminal syndicates. It is also likely that they understand their victims’ finances well enough to carry out the capital-intensive attack.
Those who have lost or misplaced their cards are urged to use their backup cards (Tangem cards come in sets of three) to relocate their crypto assets.
APT, SQD, and GRASS Near the End of Their VC Vesting Schedule Spend five minutes on crypto Twitter and you'll see people either panicking or celebrating the second the word 'unlock' shows up.
Ethereum’s transition to Proof-of-Stake (PoS) has reduced the blockchain’s annual electricity consumption to just 7.87 gigawatt-hours (GWh), according to a new report published by the Cambrid
Why did Circle stock go up today? Circle Internet Group receives OCC approval for national trust bank, and investors reacted fast. Shares of Circle Internet Group (NYSE: CRCL) closed up 4.97%