Attacks Against Your Crypto Wallet
In the final week of 2018, three hardware researchers disclosed several attacks against 2 cryptocurrency hardware wallet companies. These 3 researchers have been disclosing vulnerabilities since 2017. On December 27th, 2018 they disclosed these attacks against the two largest personal crypto hardware wallet providers, Ledger and Trezor.
After reviewing these specific attacks, I decided to write about the potential danger these attacks pose and what a crypto-holder can do to prevent attacks mentioned. The attacks were disclosed at the recent Computer Chaos Congress in Leipzig by 3 researchers who detailed a handful of different attacks. I won’t break down each of these different attacks as the researchers show you how they performed the attacks in this video.
After the video was released, a frenzy rushed over the community claiming these devices were owned. This may be a bit overblown but this still deserves attention and exposes potential attack vectors.
Ledger and Trezor Response
A day after the wallet.fail presentation, Ledger made a public announcement explaining their position on the entire subject. You can read their response here. Ledger definitely does not sound very pleased with the way the researchers decided to disemminate the information. Ledger then states that the attacks against the Ledger Nano S and Blue were extremely niche and needed very specific factors to be present to go accordingly. Ledger was dismissive in saying that the attacks were unpractical and opted for an easier method.
I understand that these attacks would need a very driven sophisticated attacker to be able to pull off, but that doesn’t lessen the threat that exists. The Ledger team is writing in their blog post as if everyone of their customer base has the exact same threat model. Your threat model is exactly that… “Your threat model”. Your specific threat model needs to be taken into account by every individual hardware wallet owner. Ledger might say these specific attacks are unlikely but the knowledge that an attack exists where someone implants a tiny device inside your Nano S will help keep the cryptocurrency owner that much more vigilant. These attacks should help to inform how you mitigate risk on your end.
Trezor/SatoshiLabs tweeted this in response to the wallet.fail presentation:
Regarding the presentation at #35c3, we were not informed ahead of time about the details of the disclosure.
We are working with the info as it arrives. We will address the vulnerability in due time—as soon as possible.
Please keep in mind that this is a physical vuln. An attacker would need physical access to your device, specifically to the board—breaking the case.
If you have physical control over your Trezor, you can keep on using it, and this vulnerability is not a threat to you.
Similar to Ledger, Trezor stated that they are very specific attacks that pose little threat but it seems that Trezor was a bit more receptive to the release of these attacks.
Analyzing the Results
The wallet.fail presentation hit on several different threats/attacks possible against these devices. What can we learn from them?
The Security Sticker is an example of security theater as there are many ways around this in the current market. Tamper-proof versus tamper-evident is a discussion that needs to be considered when trying to fight against supply chain attacks. We shouldn’t rely on a tamper-evident sticker to proof validity of hardware. There can be many different software/hardware solutions implemented. A digital checksum or hardware device analysis can help lessen these threats.
The radio frequency attack against the Nano S can be defended against if you are able to analyze the hardware, as long as you know what you’re looking for. Ledger explains how to open up your Nano S here. Someone should be able to see if the Trezor has been pried opened since Trezor has their parts fused together.
The Ledger Blue PIN radio frequency analysis needs very precise settings to occur but who is to say that in a few months/years, an AI built specifically to analyze the PIN entry signals is able to do it with much greater success with greater variables(such as if someone is moving the device, which Ledger claims breaks the experiment). The attacker discovering your PIN will still need direct access to your Ledger Blue after though.
I thought the most pertinent attack exposed in the wallet.fail presentation was the RAM dump attack against the Trezor One device. The device was forced to keep the mnemonic seed and PIN in RAM. The researchers were then able to dump the RAM and get these two very important pieces of your crypto wealth. This of course means that the attackers would need access to your Trezor One device and “glitch” the device while performing a firmware update.
What Can I do?
These attacks pose a threat to anyone that uses either of these two brands to store their crypto. Like I mentioned above, these attacks may be very specific, and as Ledger put it, “unrealistic” but history has shown, these early attacks can expose more flaws which could be easier to exploit down the road.
There are a few measures that you can take NOW to help further secure your digital assets against these and similar attacks.
Use a passphrase for your Trezor to avoid your Trezor from keeping your seed and pin in RAM. A single step to use to further secure your assets(Trezor states this is for advanced users so proceed at your own caution).
A lot of these attacks also require you to have malware installed on your personal computer. This further shows that you should always keep your operating system, anti-virus/anti-malware, and applications up to date. As well as keeping your computer clear of unused/useless applications as this creates a larger attack surface to get infections onto your machine.
Finally, you will want to maintain control of your Trezor or Ledger devices at all times. Never tell people where you store your devices and don’t leave them unattended in other’s possession. These attacks are very important to the community. The researchers disclosed their findings publicly but the real threat against these wallets is that there could be many attacks that exist in the wild that haven’t been disclosed by someone. These attackers may not have the same intentions of the wallet.fail researchers. Strive for open source code bases and open source hardware. The open source community won’t completely prevent security issues but can help in disclosures or the discovery of bugs.
If you have any questions regarding the hardware wallet security mentioned in this post or any other security questions relating to cryptocurrency security, please feel free to reach out to me at J@CryoSecurity.io or visit CryoSecurity.io