Hardware Wallet Attacks Demoed at 35c3 Conference
Today, wallet.fail, a Berlin-based team of security researchers, demonstrated successful physical-access attacks against popular hardware wallet devices from Trezor and Ledger. The presentations highlighted anew that, via certain vectors, such wallets aren’t totally impenetrable to determined hackers who have direct access to their targets.
Update 12/28/2018: Ledger has since asserted that wallet.fail demonstrated impractical and non-critical attacks in their 35c3 presentation. Trezor has also said that users with control over their devices have nothing to worry about and that an associated firmware update is coming.
Subscribe to the Bitsonline YouTube channel for great videos featuring industry insiders & experts
Researchers Explored Physical Access Possibilities in Hardware Wallet Demos
During a December 27th presentation dubbed “Poof goes your crypto” at the 35th Chaos Communication Congress in Leipzig, the three-person wallet.fail team successfully demonstrated a series of varying attacks against popular Trezor and Ledger hardware wallets.
— Afri 🌩️ Jan 16 (@5chdn) December 27, 2018
wallet.fail, which is comprised of security experts Josh Datko, Dmitry Nedospasov, and Thomas Roth, took to the conference to show that the hardware wallet industry could use further steeling and optimizing.
“The attacks that we perform against the hardware wallets range from breaking the proprietary bootloader protection, to breaking the web interfaces used to interact with wallets, up to physical attacks including glitching to bypass the security implemented in the microcontrollers of the wallet,” the researchers have declared.
“Our broad look into several wallets demonstrates systemic and recurring issues.”
The Devil’s in the Details, But It’s Not the End of the World
Specifically, some of the exploits wallet.fail demonstrated included the following, per Parity Technologies developer Afri Schoedon, who was present for the demos:
- Scraping of PIN and mnenomic seed from Trezor RAM
- Signing transactions remotely, albeit impractically, via a compromised Ledger Nano S
- Side channel attack of a Ledger Blue PIN
- Running snake via the bootloader of the Ledger Nano S
Moreover, the researchers highlighted the five separate genres of vulnerabilities that could be probed, individually or in combination, for hardware wallet attacks. The genres were:
- Architectural vectors
- Firmware vectors
- Hardware vectors
- Physical vectors
- Software vectors
“The vulnerabilities we [presented] range from vulnerabilities that can be fixed in a firmware upgrade, to bugs that will require a new hardware revision, up to attacks on the microcontrollers themselves, requiring new silicon to be fixed,” wallet.fail has noted.
From here, then, there’s sure to be a little soul-searching done in the hardware wallet industry. The good news, of course, is that average users will likely never face such attacks because other people simply won’t have physical access to their devices in most cases.
Moreover, Ledger itself has since highlighted that many of wallet.fail’s demonstrated exploits were either impractical or non-critical in nature.
“In particular they did not succeed to extract any seed nor PIN on a stolen device,” the Ledger team said in a follow-up post titled “Still Got Your Crypto.”
For their part, Trezor has said a firmware update is coming for their devices in January 2019 and, like Ledger, asserted that wallet.fail did not use responsible disclosure practices in their presentation.
The Trezor team also said that physical attacks aren’t a serious threat for anyone maintaining control of their own Trezor device.
Please keep in mind that this is a physical vuln. An attacker would need physical access to your device, specifically to the board—breaking the case.
If you have physical control over your Trezor, you can keep on using it, and this vulnerability is not a threat to you.
— Trezor (@Trezor) December 28, 2018
Whatever happens in the industry from here, researchers are going to keep showing what’s possible so long as these potential vulnerabilities — both big and small — exist.
What’s your take? What’s the optimal way to secure your hardware wallet? Let us know in the comments section below.
Images via ExerciseTech, Trezor Blog