[HN Gopher] Case study: fake hardware cryptowallet ___________________________________________________________________ Case study: fake hardware cryptowallet Author : freerk Score : 88 points Date : 2023-05-15 21:01 UTC (1 hours ago) (HTM) web link (www.kaspersky.com) (TXT) w3m dump (www.kaspersky.com) | garyfirestorm wrote: | Would the firmware update fail? if the user had decided to update | it? Wouldn't that raise a suspicion? | WrtCdEvrydy wrote: | Probably. It seems it was designed to run with the crypto after | one month. Trezor's security on the physical realm is pretty | good, but this is just a good attack. | lisper wrote: | I foresaw this years ago, which prompted me to build this: | | https://sc4.us/hsm/ | | It's an HSM which you can flash yourself. Unfortunately, it never | generated much interest and so I had to fold up the tent. But | maybe it was just ahead of its time. | TacticalCoder wrote: | Another nasty supply chain attack exists, way simpler (unlikely | to work on knowledgeable users though)... A legit hardware wallet | is shipped, but with fake documentation accompanying it. Some | evil people working for delivery companies would swap legit | hardware wallet for the exact same model, but with documentation | using the official company's logo and font and saying, basically: | | _" Here's your hardware wallet, initialize it with the seed | written on this piece of paper, it's the only one that's going to | work for this hardware wallet. Do not lose this seed or you'll | lose access to your funds!"_. | | Several unsuspecting users, not aware that a random seed is | supposed to be generated by the hardware wallet (or by throwing | dice, or whatever) have been pwned this way. | Gigachad wrote: | There have also been cases of software using malicious seed | generators which have semi predictable outputs. People assume | it's safe because they see what looks like random seeds, | combined with no network activity. But the attacker can then | just scan over the whole possible key space and check for | funds. | monero-xmr wrote: | If you want a hardware wallet, I recommend software in an air- | gapped machine. Unless you can buy the hardware directly from the | manufacturer, and ideally you walked into the factory and bought | it at the source, the risk of compromise is too great. | hn_throwaway_99 wrote: | I don't understand this. If you ever want to _do_ anything with | the funds in that wallet (e.g. sign transactions using the | private key), you 're going to need to connect it to a machine | that can connect to the Internet. Otherwise, how is this any | better than a cold storage paper wallet? | bibaheu wrote: | You can generate the coin movement operation in the air | gapped machine, write it down on paper, and then use a | normal, connected computer to transmit it to the network. The | private key never left the air gapped machine, with this | method. | Scoundreller wrote: | The method I've read about is to print "the request" onto a | QR code, have the air-gapped machine scan it, sign it and | print off the signed transaction QR to be scanned into the | networked computer to propagate to the network. | | A bit more to trust but a lot less to type. | drexlspivey wrote: | You don't need to connect it to a networked machine to sign a | transaction though? You sign the transaction in the airgapped | machine, a signed transaction is just a hex string. Move it | to the networked machine and broadcast it. | themagician wrote: | You don't, actually. Coldcard works without ever having to be | online. You sign transactions on an SD card and just swap it. | TacticalCoder wrote: | > If you ever want to do anything with the funds in that | wallet (e.g. sign transactions using the private key), you're | going to need to connect it to a machine that can connect to | the Internet. | | Not commenting on GP's point but... No, you don't. | | You can prepare your transaction on an online machine, | without signing it. With full access to the blockchain, the | balance of every address, the "counter" needed so that you tx | is legal (in Ethereum's case), which address you want to | spend from etc. | | Then you transfer that transaction, without using the | Internet, to the offline computer and sign it there and | transfer the transaction back to the online computer to | broadcast it. | | The computer preparing the transaction, the one signing the | transaction and the one broadcasting it can be three | different computers. | | You can even do that with an hardware wallet: the hardware | wallet does not need to be plugged to a computer that is | online. It can be plugged to a computer that is offline. | | There are still many issues, even when using airgrapped | computers. For example it's possible that a hardware wallet | vendor is using non-determinism in "random" parameters chosen | to sign transactions to exfiltrate the seed _hidden among | signed transactions_. So even an offline /airgapped computer | and a hardware wallet hooked to that offline/airgapped | computer wouldn't help. | flangola7 wrote: | How do you feel about Yubikeys and HSM systems that | corporations heavily rely on? | monero-xmr wrote: | It's like apples and bowling balls IMO. If the Yubikey | directly stored hundreds of thousands of dollars of bearer | assets that could be stolen remotely from an attacker | anywhere on earth, then it would be a lot more risky. But | that's not typically what the Yubikey is for, unlike a crypto | hardware wallet. | Scoundreller wrote: | > The housing was difficult to open: its two halves were held | together with liberal quantities of glue and double-sided | adhesive tape instead of the ultrasonic bonding used on factory- | made Trezors. | | Other than having x-ray vision, one easy (but by no means | perfect) verification to thwart these types of attacks is to | weigh your devices. | | Manufacturing should be consistent enough that resealing a device | like this would be adding some grams that shouldn't be there. And | unlike something like a cisco router, nothing to cut out to make | up for the added weight. | alden5 wrote: | the problem is the sorta person to buy a wallet from a | classifieds website isn't willing to spend $30 on a scale to | weigh it, because if they had that money they'd just buy it | from the official store instead | Scoundreller wrote: | Lifehack: a post office will weigh whatever you want _for | free_. Also many grocery stores have accessible scales. | | Best part is they pay for the certifications! | | Then there are friends that _ahem_ buy /sell materials in | gram quantities. A counted handful of newish coins are a | reasonable way of verifying accuracy in those cases. Be sure | to weigh different quantities lest the absolute and relative | error cancel out. | Alupis wrote: | The Post Office's scale likely only has ounce resolution, | or at best, 0.01 LBS (0.16oz) resolution. ie, you won't | notice a couple grams of glue... | KryDos wrote: | Does it mean that at the moment of releasing 2.0.4 the Trezor | team already knew there is a fake firmware circling around? | | I wonder if Trezor team communicated that in some maybe different | way than that line in the CHANGELOG. Not blaming them of course, | just wondering. | londons_explore wrote: | If I were Trezor and became aware of a fake firmware, I would: | | * Offer rewards to anyone able to send me the fake devices or | clues who is making them. | | * Tell my clients to upgrade the firmware on devices before | use. Make sure every new firmware is distinctive in some way - | for example the boot screen, and tell the users to check for | that to ensure they are actually running the firmware they | thought they just flashed. | radicaldreamer wrote: | Seems like this could also be an insider threat where someone | at Trezor knew all the BOM details and could pull this off | wmf wrote: | Trezor is mostly open hardware and open source firmware to | begin with. | munificent wrote: | _> The bootloader checks the digital signature of the firmware | and, if an anomaly is detected, displays an unoriginal firmware | message and deletes all the data in the wallet._ | | This seems like a horrendous design, like a safe that burns the | money inside if you try to tamper with it. Sure, it might protect | a malicious thief from absconding with the funds, but it is also | an _attack vector_ for any bad actor that simply wishes to cause | you harm. | BobTheDestroyer wrote: | Trezor has additional checks that aren't covered here. I'd really | like to know how those were defeated. Especially: | | > All Trezor devices are distributed without firmware installed - | you will need to install it during setup. This setup process will | check if firmware is already installed on the device. If firmware | is detected then the device should not be used. | | >The bootloader verifies the firmware signature each time you | connect your Trezor to a computer. Trezor Suite will only accept | the device if the installed firmware is correctly signed by | SatoshiLabs. If unofficial firmware has been installed, your | device will flash a warning sign on its screen upon being | connected to a computer. | | https://trezor.io/learn/a/authenticate-model-one | | There seems to be an element of user carelessness and naivety | here. Anyone who follows Trevor's hardware verification checks | surely needn't worry about these attacks. | LordShredda wrote: | How does the setup process check for firmware, anyways? If | there's a malicious firmware preinstalled I'm guessing it could | just lie to the host computer and pretend to be not there until | setup is complete. Once an attacker has hardware control, no | software can save you. | LarsDu88 wrote: | Nice article, but are we sure we want to elevate the status of | FSB founded and funded Kapersky labs on the front page of HN? | PKop wrote: | If they're good at what they do, and provide value sharing | their knowledge, yes. | gnatman wrote: | I'm far from an expert and don't own any cryptocurrency but I | can't imagine buying a hardware wallet from a "popular | classifieds website", i.e. ebay. | dboreham wrote: | Title seems misleading (and isn't the article title). It implies | that Trezor is a fake wallet. The article is actually about a | wallet that purports to be made by Trezor but is in fact not | (hardware supply chain attack). | acaloiar wrote: | Agreed -- the title should say (Trezor Impostor) to make it | clear that Trezor is not the fake. | 40four wrote: | Or even better, it should just say "Case study: fake hardware | cryptowallet", which is the exact title, and in accordance | with the guidelines. No need to append "Kaspersky" On the | front, or mention Trezor at all, let the reader click through | and form their own opinion. | barbazoo wrote: | Somewhat related, I was recently pointed to a cool video about | someone hacking a Trezor One. Very enjoyable watch. | | https://www.youtube.com/watch?v=dT9y-KQbqi4&pp=ygULdHJlem9yI... | | > I was contacted to hack a Trezor One hardware wallet and | recover $2 million worth of cryptocurrency (in the form of | THETA). | lxgr wrote: | For physically hardened devices, this attack vector can be | mitigated quite efficiently by including an attestation key with | each device and validating that after taking possession (or | ideally before any interaction). At least one competitor does | that. | | To my knowledge, current Trezor devices are unfortunately not | (sufficiently) key extraction proof, though; in that scenario, | attackers might be able to extract the private attestation key of | a legitimate device and then go on to impersonate it in their own | version. | | This again could be mitigated by e.g. making the attestation key | device-unique and offering an online validation service (which | could keep track of unusual verification patterns and alert | users), but it's not an easy problem to solve. | themagician wrote: | Incredible. This is so sophisticated and takes so much effort it | makes you wonder just how many other wallets are compromised from | before you even use them. There are so many other low effort | attacks you can run that the fact that people are doing THIS | really makes me wonder just how many wallets out there are 100% | compromised. | | It would be trivial for any iOS-based software wallet to | compromise your seed before your private key before is even | created. You don't even need fancy spyware that calls home. If | the seed is generated from a method that isn't random you'd never | know. It will appear random to you, but the author of the | software could simply increment on a known value and be able to | recreate every private key ever created with that app. No one | would ever know. The attacker could sit silent for years or even | decades, and if they DID drain a wallet there would be no way to | prove it and no one would believe the victim. It would just be a | case of, "Well, you must have leaked your seed, it's your fault." | | I can even see something like Coinbase Wallet being 100% | compromised. The apology post is probably already written in a | draft somewhere. | 1ark wrote: | There was a recent drainage of many wallets, even old untouched | ones on Ethereum. I don't think it was resolved. Your scenario | is likely imo, and the fictional quote was what I saw. ___________________________________________________________________ (page generated 2023-05-15 23:00 UTC)