All articles

Trezor FW authenticity check failed

The firmware authenticity check was introduced to alert users who may have inadvertently acquired a counterfeit Trezor device, specifically the Trezor Model One and Model T, although all Trezor models do in fact run this check.
 
Briefly, this is a function that checks the Firmware Revision ID of the connected Trezor hardware wallet against a database of firmware and legitimate Revision IDs each time the device connected. If there is a mismatch between them, the firmware is classed as malicious and the device should be considered counterfeit.
 
The Trezor Safe 3 and Safe 5 are also both equipped with a dedicated Secure Element that is used for device authentication checks during the initial device setup process; this serves as an additional safeguard against counterfeit Safe 3 and Safe 5 hardware wallets.

 
If your Trezor hardware wallet fails the firmware authenticity check, Trezor Suite will display the following warning:

 

 

At this stage, the full functionality of Trezor Suite is effectively blocked, and the simplest procedure to follow is to click on the Contact Trezor Support button and solve the issue with Trezor Support. Do not panic and rest assured that our Support team will help solve your issue.
 
If you're using a new device and have not initialized it, stop using it immediately and please contact Trezor Support.
 
If you've already set up your device and you are only now seeing this warning, you will need to take a more proactive approach to safeguarding your funds:
  • Firstly, never share your wallet backup(s) (recovery seed) with anyone! Trezor Support will not ask you for this or any other sensitive information (PIN, Passphrase etc) while investigating your case. Online scammers often target stressed and worried individuals, who are usually more willing to divulge sensitive information, so remember to stay vigilant.
  • If you only have your (fake) Trezor device to hand, you will need to send your funds to a compatible third-party wallet, so that no funds remain in your exposed account(s); depending on your setup, there are some subtle differences with how you may proceed:
    • Select 'Back' to escape the warning modal.
    • If you're using Trezor Suite version 24.9.1 (or later), you will be able to Send your bitcoin and crypto elsewhere.
    • If you're using an older version of Trezor Suite, you can disable the firmware check by navigating to Settings > Device > Danger Area and scrolling down to Turn off firmware authenticity check, then selecting Turn off; you may then proceed with sending your funds elsewhere.
    • Otherwise, you can use an application such as Electrum to first recover your wallet (by entering your compromised backup / seed), then create a new wallet in Electrum, and move the funds from the compromised backup / seed to the new one.
  • Due to the urgency of the situation, the most viable solution is to download & install a well-respected bitcoin wallet such as Electrum.
  • When creating a new wallet, keep the wallet backup / recovery seed safely stored offline on a piece of paper. Do not make any digital copies or share this information.
  • After you finish sending your funds to your new wallet, you should stop using the counterfeit Trezor and recovery seed.
  • The next step is to arrange for a replacement legitimate Trezor hardware wallet, and set it up with a new recovery seed.
  • Finally, send your funds (e.g. from your Electrum wallet) to your newly backed-up Trezor hardware wallet.

 
You will not be able to generate new receive addresses using your counterfeit device:
 

 

The easiest way to stay safe is to always buy Trezor products from the official Trezor Shop or an official reseller if necessary. You can also learn more in our Essential tips for safeguarding your Hardware Wallet purchase blog post.

 

If you require further assistance, please contact us via our chatbot Hal who will help resolve your issue.