June 19, 2024

How secure are hardware crypto wallets? Vulnerabilities and Precautions

How secure are hardware crypto wallets? Vulnerabilities and Precautions

On December 10, employees of the research company Kraken Security Labs reported that they had discovered a vulnerability inKeepKey hardware cryptocurrency wallet. It allows an attacker who gained physical access to the device to crack it in just 15 minutes, spending $ 75 on all this.

It will be difficult to fix the vulnerability - manufacturermust change the wallet at the hardware level. The problem is inherent not only to KeepKey, but also to other crypto wallets. Mining-Cryptocurrency.ru understood the conclusions of experts and what other vulnerabilities of hardware wallets should cryptocurrency holders know?

How to hack KeepKey in 15 minutes and $ 75?

The essence of the attack:Using a voltage glitching attack, a fraudster can obtain an encrypted seed phrase (a set of randomly generated words that can be used to restore access to the wallet), and at the same time access to funds.

The method requires specialized equipment andknowledge, but for an experienced attacker simple. He just needs to get the device in his hands. Then he uses a cheap device that causes a malfunction in the microcontroller due to a voltage drop. Such devices are not sold on the market, but according to experts, they can be created independently for only $ 75.

After this, the wallet opens access toseed phrase, requiring you to enter a nine-digit PIN code. It is easily selected using the brute force method. That's it - there is access to funds. The whole process takes 15 minutes. If you're tech-savvy, read the detailed report from Kraken Security Labs experts on the process and results of the wallet hack.

Vulnerability is characteristic for every wallet.KeepKey in circulation. Kraken Security Labs experts noted that it would be difficult for the manufacturer to quickly fix the vulnerability with a simple update - unfortunately, firmware that was not immune to crashes did not appear. The problem is inherent in microcontrollers, and to solve it requires a hardware update of the device.

KeepKey developers aware of the problem

KeepKey wallets are sold by ShapeShift crypto exchange,purchased the manufacturer in 2017. Back in April 2019, “ethical hacker” Sergei Volokitin managed to hack into a wallet and install his own software on it, causing a power failure.

The company is aware of the vulnerability, but believes thatreliably copes with its main task - to protect user keys from remote attacks. ShapeShift representatives believe that the likelihood of losing funds is minimal. The attacker must obtain the wallet and have specialized knowledge, skills, and experience in hardware design, software development, and PIN cracking software.

“If someone else gets physicalaccess to your device, and also has the necessary time, skills and tools, he can always do whatever he wants with the device, bypassing any existing digital lock,— the company wrote in June.

Again, this applies to any hardware wallet. ”

The manufacturer promised to make the firmware less susceptible to a voltage failure attack. But, as we see, the vulnerability was not completely eliminated.

Vulnerabilities of Ledger Wallets

How secure are hardware crypto wallets? Vulnerabilities and Precautions


The main manufacturers of hardware wallets areLedger, Trezor, KeepKey, Digital BitBox, Coinkite, BitLox, CoolWallet and CryoBit. Each of the manufacturers of top-end hardware crypto-wallets promises to provide the highest level of protection for funds. However, “ethical hackers” and cybersecurity experts have found a way to crack each one.

Trezor and Ledger devices are the most popular onthe market. In terms of hardware and firmware, KeepKey is very similar to Trezor's Model T. The only significant differences can be found in housing, design and architecture, as well as in software.

In December 2018, a number of device vulnerabilitiesTrezor and Ledger were discovered by Wallet.fail experts. The problems were in software and hardware, firmware and web interface. Experts demonstrated the hacking of wallets publicly at the 35th annual Chaos Communication Congress. The researchers noted that the wallets exhibit systemic and recurring problems. You can get rid of some of them by replacing microcontrollers or updating the firmware.

Ledger and Trezor wallets are designed differently. The first uses two microcontrollers: a special cryptographic Secure Element and a universal one that manages an external connection and confirms transactions. Hacking a cryptographic chip is difficult, but universal - no.

Here's what the researchers did during the demonstration:

  • In the wallet Ledger experts added an inexpensivea $ 3 hardware implant that remotely confirms a transaction. Experts noted that, most likely, in this way you can hack any device. Later, the manufacturer replied that this was an “impractical scenario” and that the danger should not be exaggerated.
  • In Ledger Nano S managed to crack the bootloader andreflash device. The wallet has protection against such interference - the firmware is checked using cryptography. However, experts found a way around it and launched the game "Snake" on a hacked wallet. Real attackers, of course, would download the module instead of the game, replacing the wallet address in outgoing transactions, and simply withdraw funds. The error has already been fixed.
  • Model Ledger Blue was able to crack by interceptingPIN input using radio waves. To take advantage of the vulnerability, you must be in the immediate vicinity of the wallet when entering the PIN code. In practice, this is also an unlikely scenario. But the manufacturer promised to fix it.

In response, Ledger representatives stated that the experts' findings are interesting, but the attacks demonstrated are difficult to implement in practice: they all require physical access to the device.

Trezor Wallet Vulnerabilities

How secure are hardware crypto wallets? Vulnerabilities and Precautions


Trezor vulnerabilities have been discussed since 2017.Teen “ethical hacker” Salim Rashid also found security problems with the device. The company fixed all the holes within a few days. Rashid also identified vulnerabilities in Ledger devices that allow malicious code to be inserted into the wallet and the addresses of outgoing transactions to be changed. The hacker warned users against buying used devices because they are easy to reflash. This time, the company fixed the vulnerability four months later.

Trezor's hardware wallet uses everythingone universal chip based on the ARM architecture, which is responsible for both cryptography and device connection. It would seem that hacking it should be simple, because it is enough for attackers to access only the flash memory of the wallet, which stores the seed phrase, but the developers reliably protected the firmware. Nevertheless, the Wallet.fail researchers found the trust and it through the hardware part of the wallet with direct access to the device.

Trezor wallet was hacked by experts using the same"voltage failure" attack. The low voltage caused a crash and reboot. To save the seed phrase during the update, the device placed it in RAM, which the researchers could read. Experts emphasized that this is only possible if the user has not set a password. The Trezor team acknowledged the vulnerabilities and promised to fix them, but stressed that in order to exploit them, attackers must gain physical access to the wallets.

In March of this year, Attack Lab, a researchdivision of Ledger, also found several vulnerabilities in the Model T and Model One hardware wallets of its main competitor Trezor. According to a company blog post, Ledger employees contacted Trezor to report the vulnerabilities they found. Trezor was able to solve all but one. After this, Ledger specialists shared the problems in an article, and later publicly at the MIT Bitcoin Expo conference in Boston.

Attack Lab employees found the following vulnerabilities:

  • Device authenticity.The protective holographic sticker can be removed with a simple hairdryer. The genuine wallet can then be hacked, then left in the box with the security sticker restored, and returned to the manufacturer compromised. The devices can be completely imitated because they are made from relatively affordable components - even the manufacturer may not notice the difference. Attack Lab experts believe that to eliminate the vulnerability, it is necessary to change the design and components of wallets. It is noteworthy that Trezor themselves reported the existence of counterfeits of their flagship Trezor One device back in November 2018 - usually sold at a discount and with low-quality holograms. The company recommended trusted sellers and distributors. However, Ledger experts believe that you can buy a fake even on the official Trezor website. Attackers can purchase an original device, hack it, and then return it back. If the company resells it, new users may lose their funds.
  • Pick up a PIN using an attack on a third-party channel.
  • Trezor One crypto library lacks sufficienttools to combat hardware attacks - by gaining physical access to a device, an attacker can extract a secret key through an attack on a third-party channel. Trezor previously claimed that its wallets are resistant to such an attack.
  • The ability to steal sensitive data fromdevices - after gaining physical access, scammers can extract all the data stored in the device’s flash memory. The vulnerability can be eliminated by replacing the main component of the device with a “protected element chip”, in contrast to the current computer chips used in the devices. This is the only vulnerability not fixed by Trezor - for this it would be necessary to change the wallet device. Attack Lab experts recommended that users use a strong passphrase - this will reduce risks.

What precautions should be followed when working with hardware wallets?

The main risk of compromising a device is the physical access of attackers to it. If the wallet falls into the wrong hands, it will definitely be hacked - it is only a matter of time.

Scammers have an arsenal of tricks withwhich they can access the wallet’s user’s tools: an intermediary’s attack, flashing or distributing fake devices, hacking the computer to which the wallet is connected, PIN bypass, hardware implant, loss or theft of a seed phrase, simple tracking.

To secure your crypto assets, follow simple precautions:

  • Buy wallets only in the official store or from distributors recommended by the manufacturer;
  • When buying, check the packaging and wallet for opening;
  • Keep the device in a safe place;
  • Set maximum passwords and waysTransaction confirmation: multi-digit PIN codes and complex passwords, seed phrases, blocking after incorrect PIN code entry. Do not simplify your life - the more difficult it is to complete a transaction, the more reliable;
  • Choose a wallet that supports multi-signature (for example, Coldcard Mk3 and Trezor T). They are difficult to use, but significantly increase the level of security;
  • Recheck the recipient address before the transaction. In most newer devices, the display shows the full wallet address, but in earlier models not all numbers may be visible. If you do not see at least the last 10 characters of the recipient's wallet, be safe using one-time passwords;
  • Make sure no one sees you enter your PIN and passwords. Fraudsters can remotely turn on your webcam or even set up a hidden one.

Hardware Wallets Still Reliable

Hardware wallets can protect fundsclients from the most common attacks: viruses, malware and hackers. At the same time, devices are just as helpless as any other wallets when it comes to protecting client devices from physical attacks.

But do not rush to throw away your hardware wallet or look for an alternative, because:

  • Firstly, they haven’t come up with anything more reliable.
  • Secondly, if attackers do not get them in your hands, your crypto assets are most likely not to be lost.
  • Thirdly, manufacturers are bringing to the market new solutions to protect user funds: biometrics, geolocation, smart cards, new encryption algorithms.

It's important that manufacturers acknowledge the problemssecurity issues and are working to eliminate them. They have bounty support programs, and they try to fix identified vulnerabilities as soon as possible. When choosing a wallet, pay attention to the openness of the manufacturer and its willingness to solve security problems of its devices.

What do you think of hardware wallet security? Have you lost funds from them? Share your thoughts and stories in the comments section below!