A Shift Crypto employee successfully deployed a ransom attack on Trezor and KeepKey hardware wallets last May. While Trezor released a fix on September 2, KeepKey has yet to fix the issue.
According to a blog post published on September 2, the vulnerability affected all cryptocurrencies on affected devices. The exploit, which was first spotted on April 15 by developers Shift Crypto, also affected KeepKey wallets — which were originally based on a fork of Trezor’s code and likely operate on similar foundations.