[HN Gopher] Case study: fake hardware cryptowallet
___________________________________________________________________
Case study: fake hardware cryptowallet
Author : freerk
Score : 88 points
Date : 2023-05-15 21:01 UTC (1 hours ago)
(HTM) web link (www.kaspersky.com)
(TXT) w3m dump (www.kaspersky.com)
| garyfirestorm wrote:
| Would the firmware update fail? if the user had decided to update
| it? Wouldn't that raise a suspicion?
| WrtCdEvrydy wrote:
| Probably. It seems it was designed to run with the crypto after
| one month. Trezor's security on the physical realm is pretty
| good, but this is just a good attack.
| lisper wrote:
| I foresaw this years ago, which prompted me to build this:
|
| https://sc4.us/hsm/
|
| It's an HSM which you can flash yourself. Unfortunately, it never
| generated much interest and so I had to fold up the tent. But
| maybe it was just ahead of its time.
| TacticalCoder wrote:
| Another nasty supply chain attack exists, way simpler (unlikely
| to work on knowledgeable users though)... A legit hardware wallet
| is shipped, but with fake documentation accompanying it. Some
| evil people working for delivery companies would swap legit
| hardware wallet for the exact same model, but with documentation
| using the official company's logo and font and saying, basically:
|
| _"Here's your hardware wallet, initialize it with the seed
| written on this piece of paper, it's the only one that's going to
| work for this hardware wallet. Do not lose this seed or you'll
| lose access to your funds!"_
|
| Several unsuspecting users, not aware that a random seed is
| supposed to be generated by the hardware wallet (or by throwing
| dice, or whatever) have been pwned this way.
| Gigachad wrote:
| There have also been cases of software using malicious seed
| generators which have semi predictable outputs. People assume
| it's safe because they see what looks like random seeds,
| combined with no network activity. But the attacker can then
| just scan over the whole possible key space and check for
| funds.
| monero-xmr wrote:
| If you want a hardware wallet, I recommend software in an
| air-gapped machine. Unless you can buy the hardware directly from the
| manufacturer, and ideally you walked into the factory and bought
| it at the source, the risk of compromise is too great.
| hn_throwaway_99 wrote:
| I don't understand this. If you ever want to _do_ anything with
| the funds in that wallet (e.g. sign transactions using the
| private key), you're going to need to connect it to a machine
| that can connect to the Internet. Otherwise, how is this any
| better than a cold storage paper wallet?
| bibaheu wrote:
| You can generate the coin movement operation in the air
| gapped machine, write it down on paper, and then use a
| normal, connected computer to transmit it to the network. The
| private key never left the air gapped machine, with this
| method.
| Scoundreller wrote:
| The method I've read about is to print "the request" onto a
| QR code, have the air-gapped machine scan it, sign it and
| print off the signed transaction QR to be scanned into the
| networked computer to propagate to the network.
|
| A bit more to trust but a lot less to type.
| drexlspivey wrote:
| You don't need to connect it to a networked machine to sign a
| transaction though? You sign the transaction in the airgapped
| machine, a signed transaction is just a hex string. Move it
| to the networked machine and broadcast it.
| themagician wrote:
| You don't, actually. Coldcard works without ever having to be
| online. You sign transactions on an SD card and just swap it.
| TacticalCoder wrote:
| > If you ever want to do anything with the funds in that
| wallet (e.g. sign transactions using the private key), you're
| going to need to connect it to a machine that can connect to
| the Internet.
|
| Not commenting on GP's point but... No, you don't.
|
| You can prepare your transaction on an online machine,
| without signing it. With full access to the blockchain, the
| balance of every address, the "counter" needed so that your tx
| is legal (in Ethereum's case), which address you want to
| spend from etc.
|
| Then you transfer that transaction, without using the
| Internet, to the offline computer and sign it there and
| transfer the transaction back to the online computer to
| broadcast it.
|
| The computer preparing the transaction, the one signing the
| transaction and the one broadcasting it can be three
| different computers.
|
| You can even do that with a hardware wallet: the hardware
| wallet does not need to be plugged to a computer that is
| online. It can be plugged to a computer that is offline.
|
| There are still many issues, even when using airgapped
| computers. For example it's possible that a hardware wallet
| vendor is using non-determinism in "random" parameters chosen
| to sign transactions to exfiltrate the seed _hidden among
| signed transactions_. So even an offline/airgapped computer
| and a hardware wallet hooked to that offline/airgapped
| computer wouldn't help.
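The exfiltration concern in the last paragraph turns on whether the signer's ECDSA nonce k is deterministic. The Python below is an added example (not from the thread, from Trezor or from any wallet vendor): secp256k1 ECDSA with RFC 6979 nonces plus an audit check a defender can run against any signer, since a deterministic-nonce signer must return byte-identical signatures for the same message, and a signer whose output matches an independent RFC 6979 reference has no room to hide data in k. The private key and message are constructed test values.

```python
import hashlib, hmac
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F  # secp256k1 field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def point_add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None: return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    lam = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
           else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def scalar_mul(k, pt):  # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1: acc = point_add(acc, pt)
        pt, k = point_add(pt, pt), k >> 1
    return acc

_hmac = lambda key, data: hmac.new(key, data, hashlib.sha256).digest()

def rfc6979_k(priv, h32):  # RFC 6979 nonce: a pure function of (private key, message hash)
    x = priv.to_bytes(32, "big") + (int.from_bytes(h32, "big") % N).to_bytes(32, "big")
    v, k = b"\x01" * 32, b"\x00" * 32
    k = _hmac(k, v + b"\x00" + x); v = _hmac(k, v)
    k = _hmac(k, v + b"\x01" + x); v = _hmac(k, v)
    while True:
        v = _hmac(k, v)
        t = int.from_bytes(v, "big")
        if 1 <= t < N: return t
        k = _hmac(k, v + b"\x00"); v = _hmac(k, v)

def sign(priv, msg, k=None):  # k=None: RFC 6979 nonce; explicit k models a signer-chosen nonce
    h32 = hashlib.sha256(msg).digest()
    k = rfc6979_k(priv, h32) if k is None else k
    r = scalar_mul(k, G)[0] % N
    s = pow(k, -1, N) * (int.from_bytes(h32, "big") + r * priv) % N
    return (r, min(s, N - s))  # low-s form, as Bitcoin requires

def verify(pub, msg, sig):
    r, s = sig
    z, w = int.from_bytes(hashlib.sha256(msg).digest(), "big"), pow(s, -1, N)
    pt = point_add(scalar_mul(z * w % N, G), scalar_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def signer_is_deterministic(sign_fn, msg, rounds=3):  # identical repeats expected when k is deterministic
    return len({sign_fn(msg) for _ in range(rounds)}) == 1
```

Identical repeats are a necessary check, not a sufficient one, because a device could derive k deterministically from a backdoored function; the stronger test is to sign with a test seed you also hold, recompute the signature with this independent implementation, and compare (r, s).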
| flangola7 wrote:
| How do you feel about Yubikeys and HSM systems that
| corporations heavily rely on?
| monero-xmr wrote:
| It's like apples and bowling balls IMO. If the Yubikey
| directly stored hundreds of thousands of dollars of bearer
| assets that could be stolen remotely from an attacker
| anywhere on earth, then it would be a lot more risky. But
| that's not typically what the Yubikey is for, unlike a crypto
| hardware wallet.
| Scoundreller wrote:
| > The housing was difficult to open: its two halves were held
| together with liberal quantities of glue and double-sided
| adhesive tape instead of the ultrasonic bonding used on factory-
| made Trezors.
|
| Other than having x-ray vision, one easy (but by no means
| perfect) verification to thwart these types of attacks is to
| weigh your devices.
|
| Manufacturing should be consistent enough that resealing a device
| like this would be adding some grams that shouldn't be there. And
| unlike something like a cisco router, nothing to cut out to make
| up for the added weight.
| alden5 wrote:
| the problem is the sorta person to buy a wallet from a
| classifieds website isn't willing to spend $30 on a scale to
| weigh it, because if they had that money they'd just buy it
| from the official store instead
| Scoundreller wrote:
| Lifehack: a post office will weigh whatever you want _for
| free_. Also many grocery stores have accessible scales.
|
| Best part is they pay for the certifications!
|
| Then there are friends that _ahem_ buy/sell materials in
| gram quantities. A counted handful of newish coins are a
| reasonable way of verifying accuracy in those cases. Be sure
| to weigh different quantities lest the absolute and relative
| error cancel out.
| Alupis wrote:
| The Post Office's scale likely only has ounce resolution,
| or at best, 0.01 lb (0.16 oz) resolution, i.e. you won't
| notice a couple grams of glue...
| KryDos wrote:
| Does it mean that at the moment of releasing 2.0.4 the Trezor
| team already knew there is a fake firmware circling around?
|
| I wonder if the Trezor team communicated that in some maybe different
| way than that line in the CHANGELOG. Not blaming them of course,
| just wondering.
| londons_explore wrote:
| If I were Trezor and became aware of a fake firmware, I would:
|
| * Offer rewards to anyone able to send me the fake devices or
| clues who is making them.
|
| * Tell my clients to upgrade the firmware on devices before
| use. Make sure every new firmware is distinctive in some way -
| for example the boot screen, and tell the users to check for
| that to ensure they are actually running the firmware they
| thought they just flashed.
| radicaldreamer wrote:
| Seems like this could also be an insider threat where someone
| at Trezor knew all the BOM details and could pull this off.
| wmf wrote:
| Trezor is mostly open hardware and open source firmware to
| begin with.
| munificent wrote:
| _> The bootloader checks the digital signature of the firmware
| and, if an anomaly is detected, displays an unoriginal firmware
| message and deletes all the data in the wallet._
|
| This seems like a horrendous design, like a safe that burns the
| money inside if you try to tamper with it. Sure, it might protect
| a malicious thief from absconding with the funds, but it is also
| an _attack vector_ for any bad actor that simply wishes to cause
| you harm.
| BobTheDestroyer wrote:
| Trezor has additional checks that aren't covered here. I'd really
| like to know how those were defeated. Especially:
|
| > All Trezor devices are distributed without firmware installed -
| you will need to install it during setup. This setup process will
| check if firmware is already installed on the device. If firmware
| is detected then the device should not be used.
|
| > The bootloader verifies the firmware signature each time you
| connect your Trezor to a computer. Trezor Suite will only accept
| the device if the installed firmware is correctly signed by
| SatoshiLabs. If unofficial firmware has been installed, your
| device will flash a warning sign on its screen upon being
| connected to a computer.
|
| https://trezor.io/learn/a/authenticate-model-one
|
| There seems to be an element of user carelessness and naivety
| here. Anyone who follows Trezor's hardware verification checks
| surely needn't worry about these attacks.
| LordShredda wrote:
| How does the setup process check for firmware, anyways? If
| there's a malicious firmware preinstalled I'm guessing it could
| just lie to the host computer and pretend to be not there until
| setup is complete. Once an attacker has hardware control, no
| software can save you.
| LarsDu88 wrote:
| Nice article, but are we sure we want to elevate the status of
| FSB founded and funded Kaspersky labs on the front page of HN?
| PKop wrote:
| If they're good at what they do, and provide value sharing
| their knowledge, yes.
| gnatman wrote:
| I'm far from an expert and don't own any cryptocurrency but I
| can't imagine buying a hardware wallet from a "popular
| classifieds website", i.e. ebay.
| dboreham wrote:
| Title seems misleading (and isn't the article title). It implies
| that Trezor is a fake wallet. The article is actually about a
| wallet that purports to be made by Trezor but is in fact not
| (hardware supply chain attack).
| acaloiar wrote:
| Agreed -- the title should say (Trezor Impostor) to make it
| clear that Trezor is not the fake.
| 40four wrote:
| Or even better, it should just say "Case study: fake hardware
| cryptowallet", which is the exact title, and in accordance
| with the guidelines. No need to append "Kaspersky" on the
| front, or mention Trezor at all, let the reader click through
| and form their own opinion.
| barbazoo wrote:
| Somewhat related, I was recently pointed to a cool video about
| someone hacking a Trezor One. Very enjoyable watch.
|
| https://www.youtube.com/watch?v=dT9y-KQbqi4&pp=ygULdHJlem9yI...
|
| > I was contacted to hack a Trezor One hardware wallet and
| recover $2 million worth of cryptocurrency (in the form of
| THETA).
| lxgr wrote:
| For physically hardened devices, this attack vector can be
| mitigated quite efficiently by including an attestation key with
| each device and validating that after taking possession (or
| ideally before any interaction). At least one competitor does
| that.
|
| To my knowledge, current Trezor devices are unfortunately not
| (sufficiently) key extraction proof, though; in that scenario,
| attackers might be able to extract the private attestation key of
| a legitimate device and then go on to impersonate it in their own
| version.
|
| This again could be mitigated by e.g. making the attestation key
| device-unique and offering an online validation service (which
| could keep track of unusual verification patterns and alert
| users), but it's not an easy problem to solve.
| themagician wrote:
| Incredible. This is so sophisticated and takes so much effort it
| makes you wonder just how many other wallets are compromised from
| before you even use them. There are so many other low effort
| attacks you can run that the fact that people are doing THIS
| really makes me wonder just how many wallets out there are 100%
| compromised.
|
| It would be trivial for any iOS-based software wallet to
| compromise your seed before your private key is even
| created. You don't even need fancy spyware that calls home. If
| the seed is generated from a method that isn't random you'd never
| know. It will appear random to you, but the author of the
| software could simply increment on a known value and be able to
| recreate every private key ever created with that app. No one
| would ever know. The attacker could sit silent for years or even
| decades, and if they DID drain a wallet there would be no way to
| prove it and no one would believe the victim. It would just be a
| case of, "Well, you must have leaked your seed, it's your fault."
|
| I can even see something like Coinbase Wallet being 100%
| compromised. The apology post is probably already written in a
| draft somewhere.
| 1ark wrote:
| There was a recent drainage of many wallets, even old untouched
| ones on Ethereum. I don't think it was resolved. Your scenario
| is likely imo, and the fictional quote was what I saw.
___________________________________________________________________
(page generated 2023-05-15 23:00 UTC)