A team at the 35th Chaos Communication Congress just gave a presentation disclosing multiple vulnerabilities in the most popular cryptocurrency 'cold' (hardware) wallets. We are going to touch on a few of the major notes from the presentation, but if you are an owner of one of these wallets, we recommend that you take a look at the full presentation, available on the wallet.fail site or embedded at the bottom of this article.
The video presentation, given by Thomas Roth, Dmitry Nedospasov and Josh Datko, explores vulnerabilities in firmware, software, hardware, architecture and physical design. The 3 wallets showcased were the Trezor One and two Ledger wallets, the Nano S and the Blue.
First, security stickers (present only on the Trezor devices) are used to show any signs of tampering with the packaging and/or the device itself. The team easily defeated this system with a heat gun, which allowed the removal and reapplication of the security stickers with little to no sign that tampering had occurred. This could allow a potential hacker to alter a device, repackage it and sell it through a 3rd party (eBay, Craigslist etc.), and then gain access to your crypto holdings. So when verifying the legitimacy of a purchased device, it's important that the customer know: A security sticker doesn't mean squat!
Next, the team showed how simple it was to open all 3 tested device enclosures, noting that the Ledger Nano S was the easiest to open. Once opened, they demonstrated that there was enough space left inside the enclosures to add processing hardware, even an antenna. These added pieces of hardware could be used to alter and access areas of the device which should be inaccessible, essentially creating a backdoor. Further, with an added antenna, the device could be compromised to the point of allowing transactions to be sent remotely from the altered wallet.
On the Ledger Nano S, exposed and open programming ports allowed the firmware to be flashed. The team demonstrated this by installing a playable version of the classic game "Snake" on the device. While this may come as no surprise to the hardware-modding community, it shows that these secure devices are not completely mod-proof. They have made this program publicly available, for anyone that would rather have a "Snake-only" device, as opposed to a functioning Ledger Nano S crypto-wallet.
Thomas Roth specifically praised Trezor's code as being robust (after fielding an audience question from none other than Trezor's CEO, who attended the presentation), explaining that it took 3 months of glitching the system in order to break the firmware. Nevertheless, the team demonstrated that updating the firmware on the Trezor One device does not require PIN entry. Using strings, the team was able to show that sensitive information (such as the private key seed and PIN number) was viewable in the terminal, as displayed below.
The purpose of these types of endeavors by "hackers" and security experts is to find ways in which a secure system (in these cases, crypto-wallets) could potentially be breached. It's imperative to know from whom and where you're buying your 'secure' device. Additionally, before adding funds (private keys) to your cold-storage device, it would be beneficial to exercise due diligence and research findings such as those displayed in the wallet.fail presentation. Again, we encourage you to view the presentation for yourself, especially if you're able to understand the technical nature of the results. Be safe out there!
UPDATE: Both Trezor and Ledger have posted responses to the wallet.fail presentation last week. Each company said it would have preferred the researchers to go through its bug bounty program; instead, the demonstration at the congress was the first each company had heard of the related vulnerability issues. Trezor took to Twitter, stating:
With regards to #35c3 findings about @Trezor: we were not informed via our Responsible Disclosure program beforehand, so we learned about them from the stage. We need to take some time to fix these and we'll be addressing them via a firmware update at the end of January.
— stick⚡Pavol Rusnak @ 35c3 (@pavolrusnak) December 28, 2018
Ledger decided to release their own, more detailed response and rebuttal to the suggested evidence, via their site. We encourage you to read both for your own peace of mind.