Wasn't the issue even fixed already, but possible due to outdated firmware? Like at the time of attack, he mentions about firmware v1.6.0 and that the attack wasn't gonna be possible in v1.6.1 etc., so he was exploiting the fact that the device was running old software in a way.
He was sort of doing this, but video was recorded somewhere in 2017 I think, and owner couldn't update the device even if he wanted to do it, because he didn't know the password.Posting this video on Youtube now in 2022 is just a free marketing campaign for Kingpin more than anything else, but it sure hurt Trezor so they even had to comment on that video with explantion.
Makes me think: in a pinch, you could even just wipe a HW wallet that you have around (of which you have a seed backup handy) and load the stolen wallet's seed onto it. When you're done transferring the funds, reset it again and put in 'its' seed again.
Or just use Seedsigner/Krux that works exactly like that, but it's much more easier to import seed words again (with QR codes) than it is on trezor, ledger and other hardware wallets.You don't even need secure element or secret NDA's and permission with this.
Periodic reminder for people having trouble sourcing a Raspberry Pi Zero 1.3, it is a relatively simple process to physically disable wireless communication for both the Pi Zero W and Pi Zero 2W. More information here:
Which leads to a GitHub made just about removing the WiFi chip[/url].https://github.com/DesobedienteTecnologico/rpi_disable_wifi_and_bt_by_hardware