Hardware wallet hacks: Firmware spoofing and other tricks

The most reliable storage method for cryptocurrency is a cold, non-custodial wallet. But does this mean that when assets are stored on a physical device you don’t have to worry about security? Do potential threats still exist?

Unhackable – or is it?

For a while, hardware wallets were believed to be unhackable, and manufacturers were happy to promote this idea. It seemed logical, therefore, that you could safely purchase these gadgets second hand – some manufacturers even did this, by the way. Buying a used device for $50 instead of $100 is certainly appealing.

This seemed like a great idea right up until the moment when it turned out that cold wallets could in fact be hacked. One of the first people to prove this was 15-year-old hacker Saleem Rashid, who demonstrated a hack of the Ledger Nano S. He managed to upload modified firmware to the wallet, which would reveal the user's private keys the next time the device was used.

Saleem also claimed that it was possible to upload the firmware remotely by installing malware on the victim’s computer that would prompt them to update their ‘faulty’ wallet firmware. If they accepted the prompt, a modified version of the firmware would be installed on the wallet.

Interestingly, when the hacker reported the problem to the manufacturer, they described the vulnerability as difficult to reproduce. Nevertheless, the company has since released an update to prevent these kinds of breaches.

It doesn’t stop there. Cybersecurity researchers have begun testing cold wallets to find out how secure they are, and have found some very interesting results. For example, participants at the 35th Chaos Communication Congress demonstrated several methods for hacking Ledger and Trezor hardware wallets (one of them was used by cybersecurity expert Joe Grand a year ago to recover $2,000,000 worth of cryptocurrency). It transpired that compromised firmware can be downloaded, allowing hackers to pull PIN codes and even mnemonic phrases.

image1.jpg

Is it really so bad?

Not at all. To carry out a firmware spoofing attack, you need to gain physical access to the device, and this isn’t easy. There are two options: 1) hack the wallet before it reaches the owner, and 2) hack it without the owner noticing. In cybersecurity terms, the former is known as a “supply chain attack”, while the latter is called an “evil maid attack”. Both of them are flawed. The first requires a significant amount of preparation, while the second can take a long time and eventually arouse suspicion if the wallet isn’t returned to the owner in time.

Is this just theoretical?

There are several examples of successful attacks, some of which were quite difficult to carry out. For example, hackers broke into the Trezor server and were able to access customer email addresses. They then sent emails to wallet owners warning them that, due to firmware issues, their devices would need to be replaced. All the customers had to do was send a mailing address for delivery of the new wallet. The victims then actually received the wallets, but the firmware had been modified to send the private keys to the hackers.

Fakes also appear on the market from time to time. They can be found on classified ads, and hackers sometimes sell fake wallets on their own websites, posing as authorized resellers. 

image2.jpg

A fake wallet and a real one. Try to guess which is which

Another method of attack is the BadUSB tactic. Hackers usually do this when trying to install malware on an organization’s computers, but it can also be deployed on crypto wallets. The classic version involves attackers leaving a handful of USB sticks containing malware in an office lobby or nearby café. If the finder of one of these “lost” flash drives decides to use it, their computer will become infected. These flash drives are sometimes sent under the pretence of being a client gift. When it comes to crypto, the same trick can be done by strategically “losing” a modified crypto wallet in a convenient location or “giving it away” to a targeted individual.

How to stay safe

The most important thing is only buying cold wallets from authorized sellers. If you want to order from a reseller, make sure that they are listed on the manufacturer’s official website. If you can’t find a list, get in touch with the support team. Never buy a second-hand wallet.

If you have a wallet, don’t store it in a place where people could see it, and don’t entrust it to anybody else. This applies to your friends too – you might be sure that they’re trustworthy, but you don’t know how and where they will store the device, or whether they could be visited by an “evil maid”.

Is there a genuinely unhackable wallet?

Yes, Tangem Wallet. Our wallet is EAL6+ certified, and the firmware is installed on the wallet's chip once and once only, during the manufacturing process at the factory. After that, it’s physically impossible to do anything with the firmware: you can’t read anything from the chip or load your own version of the firmware onto it.

Even if we assume that a hacker has managed to do this, the wallet would be still unusable. The firmware attestation service would determine that the software has been changed and warn the user.