Hardware wallets: not 100% secure?

Of all types of cryptocurrency wallets, hardware wallets are considered to be the most secure. They are not connected to the internet which eliminates the risk of online hacks or catching a virus. They are well-encrypted, and unless you know the password, you won’t be able to get access to the funds.

However, recent research conducted by KeyLabs, the group of German blockchain security experts, revealed that even these devices are not perfect and can become a subject to hackers’ attacks. Their project called Wallet.fail was first presented at the 35th Chaos Communication Congress in Germany, November 2018. What kind of vulnerabilities they found and whether regular users need to worry about them is discussed in today’s article.

What are hardware wallets?

A hardware wallet represents an offline USB-like device that is designed for keeping private keys and sign transactions with the maximum security. The private keys never leave the device and cannot be accessed on the web. This is what makes such wallets more secure than all others represented on the market.

There are two main companies that issue hardware wallets, Ledger and Trezor. KeyLabs have found vulnerabilities on both of them, although not on all models.

Vulnerability #1: holographic security seals

When you receive your long-expected parcel with a Trezor wallet, you will always find a holographic security seal on the box with the device. Such seals are used by hardware companies to ensure that the device is not a counterfeit and prove the product’s integrity.

However, with Trezor, this seal can be easily taken off. There is plenty of DIY video guides on YouTube on this topic. After removal, the sticker can be put back just as easily. And be sure that hackers have their own way of printing the seals that a user will never tell apart from real ones. Back in November 2018, Trezor even posted a warning about fake devices on its blog with some advice on how to check if the device is genuine.

The original Trezor One holographic seal (above) in contrast with a fake holographic seal (below).

Ledger, on the contrary, doesn’t use such stickers at all. Within the box, there is a paper with an explanation of why there’s no seal, but still, people continue asking questions on forums and writing negative reviews — one can find a lot of such reviews on Amazon:

Apart from the problem with the seals, some users found fingerprints on their devices and even pieces of hair inside the box. This may be caused by the following security failure.

Vulnerability #2: supply chain attack

With the hardware wallets, a user has to press a button on the wallet in order to send funds. So the button is the sort of the last defense against intruders. However, even this button can be compromised. This vulnerability was found on Ledger. Here’s how it works.

1. Hackers remove the micro-controller that is responsible for activating the “send” button from the wallet.
2. Then they put in their own controller that triggers the button to send money to a different address once the funds are uploaded to the wallet.
3. The wallet with the new controller is sent to the recipient.
4. The signal about funds being uploaded is transferred by a micro-antenna that can be easily put inside the wallet as there’s plenty of space within.

Vulnerability #3: bootloader

One of Ledger’s main benefits that provides its security is the element called ST31. This element is designed for signing transactions and protects your funds from unauthorized access.

However, it is linked with an insecure processor that connects with your PC and thus has access to the internet. This is where the vulnerability lies. Hackers can inject their own code there and make whatever they need, even launch the snake game on the wallet’s screen. And just like with other vulnerabilities mentioned above, there is no way for a user to find out whether a given wallet has such malicious code or not.

Hackers can put their code onto Ledger’s processor and launch whichever process they desire

There were a few more geeky vulnerabilities that are not worth mentioning in this article. But the idea is clear: there’s no wallet that would be 100% secure.

So how do I protect my crypto funds?

Summing up, it seems that there’s no safety in the world of cryptocurrencies. But the same can be said about the traditional financial world, so there’s no need to be too scared.

The good news is that all these hardware wallets’ hacks are not scalable. It requires deep knowledge and additional costs to get the needed equipment to conduct such operations. That is why the chances for these hacks to go mainstream are really low.

Ultimately, you should only care if you keep a really big amount in crypto on a hardware wallet. If this is your case, consider moving your funds to a paper wallet and buying a fireproof safe to store it in your house.

Originally published at cryptoheroes.ch on January 27, 2019.