Researchers Find New Ways to Steal Crypto

Saifu
Apr 26, 2018

The safest way to store cryptocurrency seems a little less safe today, after researchers at Ben-Gurion University showed that it’s possible to steal private keys held in ‘cold storage,’ i.e. stored on a device not connected to the internet. Cold storage is considered the safest method for securing cryptocurrencies, and while this discovery doesn’t present much risk to the average Bitcoin buyer, it shows that even offline devices aren’t immune to cyberattacks.

There are many ways to store cryptocurrency. Some are safer than others, some are more convenient than others. Cold storage is considered very safe, if not particularly convenient, and involves using an airgapped computer (one that is never connected to the internet) to store the private keys to your cryptocurrency. The private keys are basically the keys to your crypto — if a hacker gets access to them, your crypto is long gone. By storing those keys on an airgapped computer, you could be confident that even if the cold storage computer were infected with malware, that malware could never send your private keys to hackers because the computer is never online.

In this diagram, malware contracted online is transmitted from the hot wallet to the cold via a USB drive. Once connected to the cold storage computer, the hidden malware installs itself, locates the private keys, and transmits them using one of the methods detailed below to a nearby smartphone.

In a paper published Monday, Ben-Gurion University professor Mordechai Guri and colleagues showed that it’s possible to extract a 256-bit Bitcoin key from a wallet running on an airgapped computer. The paper showed 14 methods by which an attacker could extract the key in a few seconds to a few minutes, but it’s important to note that all of these methods require malware already installed on the airgapped computer. In other words, the cold storage computer must already be infected with malware for any of these methods to work.

How do you secretly steal data off a computer that’s not connected to a network? One method Guri and his team employed repurposes a computer’s input-output pins to create faint radio signals. These radio signals can be picked up by a nearby device, like a smartphone. The headphones on the smartphone in the video below act as an antenna, but aren’t strictly necessary.

Another method employs the computer’s speakers to transmit the private key, using frequencies that are too high for a human to hear.
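From the defender's side, the inaudible-speaker channel described above leaves energy in the near-ultrasonic band that a microphone placed near the cold-storage machine can watch for. The following is an added example, not code from the paper or the original article; the 48 kHz sample rate, the 18 to 22 kHz band, the alert threshold and the constructed test audio are all assumptions.

```python
import math
import random

RATE = 48_000                        # assumed microphone sample rate (Hz)
WINDOW = 480                         # 10 ms windows -> 100 Hz bin spacing
BAND = range(18_000, 22_001, 100)    # assumed "inaudible" band to watch (Hz)
THRESHOLD = 1e-5                     # assumed alert level (tone amplitude ~0.006)

def goertzel_power(samples, freq_hz, rate=RATE):
    """Normalised power of a single frequency bin (Goertzel algorithm)."""
    n = len(samples)
    k = round(n * freq_hz / rate)
    coeff = 2.0 * math.cos(2.0 * math.pi * k / n)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return (s1 * s1 + s2 * s2 - coeff * s1 * s2) / (n * n)

def scan(samples, rate=RATE):
    """Return (start_ms, peak_hz, power) for each window with a strong tone in BAND."""
    hits = []
    for start in range(0, len(samples) - WINDOW + 1, WINDOW):
        chunk = samples[start:start + WINDOW]
        power, peak_hz = max((goertzel_power(chunk, f, rate), f) for f in BAND)
        if power >= THRESHOLD:
            hits.append((start * 1000 // rate, peak_hz, power))
    return hits

def constructed_capture(with_tone=True, n_samples=14_400):
    """Constructed test audio (0.3 s): a 1 kHz audible tone plus noise, and
    optionally a 19.3 kHz tone from 0.1 s to 0.2 s standing in for a covert signal."""
    rng = random.Random(1)           # fixed seed so the sample is reproducible
    out = []
    for i in range(n_samples):
        t = i / RATE
        x = 0.3 * math.sin(2 * math.pi * 1_000 * t) + rng.uniform(-0.01, 0.01)
        if with_tone and 4_800 <= i < 9_600:   # samples covering 0.1 s to 0.2 s
            x += 0.05 * math.sin(2 * math.pi * 19_300 * t)
        out.append(x)
    return out

if __name__ == "__main__":
    for start_ms, peak_hz, power in scan(constructed_capture()):
        print(f"{start_ms:4d} ms  tone near {peak_hz} Hz  power {power:.2e}")
```

Without a window function, a tone that falls between bin centres loses a few dB, so a real monitor would lower the threshold or taper each chunk before measuring it.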

The paper details a dozen other methods that can be used to transmit a key to a nearby device. A keyboard LED can be made to flash, a CPU fan made to spin at certain audible speeds, a hard drive disk spun to give off certain frequencies. All of these techniques pre-date this paper, but the ease and speed with which Guri and his team were able to exfiltrate the private keys is alarming. The growing adoption and value of cryptocurrencies make these types of attacks much more lucrative. They may become commonplace.

It’s worth repeating that none of these techniques work without the computer already being infected with some sort of malware. They also require some physical proximity to the device, and not all methods work for all devices. But it does erode some of the trust placed in cold storage solutions. As Guri writes in the study, “We show that, despite the high degree of isolation of cold wallets, motivated attackers can steal the private keys out of the air-gapped wallets… With the private keys in hand, an attacker virtually owns all of the currency in the wallet.”

If you choose to use a cold wallet to protect your keys, be sure to keep the device away from smartphones, laptops, or other computers, and most importantly, make sure the device is not infected with malware.

If you would prefer more security, don’t want to be your own cybersecurity expert, or would like easier access to your cryptocurrencies, consider an account with Saifu. Saifu stores users’ keys on Thales nShield hardware security modules, using a sophisticated multilevel access control system that is virtually immune to malware. These are air-gapped devices that can only be accessed on-site by an engineer with two keycards. The keys are created in the hardware and never leave it; they cannot be copied or stolen. Compared to a personal computer, they are also nearly immune to malware. Saifu also offers convenience. When you want access to your crypto, whether spending, selling, or buying more, it’s just a click away on the Saifu web or mobile app.

Security is one of Saifu’s core principles, so we constantly monitor the latest security issues and potential exploits to ensure that our customers will always have the highest security level on the market.

Whatever solution you choose, do your homework and be careful!
