Ledger Wallet™ just got a major upgrade.

Take control today

A whole new level of choice, clarity and control

Trade different via Ledger Wallet 4.0

Download now Learn more

Tearing

Apr 8, 2026 | Updated Apr 8, 2026
Tearing is a hardware-level security exploit that involves abruptly cutting power to a device during a specific operation.

What Is Tearing?

Many secure devices follow a strict sequence of steps when performing a task, such as verifying a PIN or updating a failure counter. Tearing, sometimes called a power-cutting attack, occurs when an attacker manually or electronically disconnects the power at a carefully timed moment during the operation.

By interrupting the device before it can complete its internal record-keeping, an attacker can cause a discrepancy between the physical state of the device and its intended security logic.

How Do Tearing Attacks Work?

Tearing attacks are often used to bypass anti-hammering mechanisms, which are designed to slow down or stop repeated guessing attempts.

  • Bypassing Security Delays: A device might be programmed to wait 10 seconds after a wrong PIN is entered. If an attacker tears the power immediately after the wrong PIN is submitted but before the delay timer chip can start, they may be able to try again immediately without waiting.
  • Interrupting Counter Increments: Many secure chips use a counter to track failed attempts. An attacker may attempt to cut power before a chip can update its failure counter.
  • Non-Upgradable Hardware: Tearing is particularly dangerous for hardware that cannot receive firmware updates. Because the flaw is often rooted in how the physical hardware handles power loss, it can sometimes be impossible to patch without replacing the device entirely.

The Donjon: Exposing Tearing Vulnerabilities

Tearing is a specialized technique used by the Ledger Donjon to evaluate the resilience of hardware across the crypto ecosystem. As Ledger’s internal team of white-hat hackers, the Donjon utilizes tearing to identify where security delay mechanisms in third-party products can be bypassed.

A notable example of the Donjon’s work in this area involved identifying a vulnerability in a third-party card-based wallet. By executing a tearing attack during the authentication process, the team was able to bypass the card’s security delay. This allowed them to perform a brute force attack at a rate of 2.5 attempts per second, significantly faster than the intended speed.

By proactively identifying these physical weaknesses throughout the industry, the Donjon helps identify weaknesses before they can be exploited.

Read the Ledger Donjon’s full research on Tearing and Brute Force

Validator

A blockchain validator is a computer or node that verifies transactions in the blockchain network.

Full definition

Bull Market

A bull market is a period of sustained upward trend when asset prices are steadily increasing.

Full definition

DeFAI (Decentralized AI)

DeFAI (Decentralized AI) is the movement to run AI models on decentralized networks instead of centralized servers.

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.