Security Researchers Break Ledger Wallets With Simple Antennae
Radio antennae are the original networking technology, and researchers presenting in Berlin Thursday showed how useful they are as hacking tools.
The hardware researchers set out to find different kinds of vulnerabilities in the most popular hardware wallets used by cryptocurrency holders, from Trezor and Leger. At the Chaos Computer Club Conference in Germany, Dmitry Nedospasov said that he and his collaborators set out to find three different kinds of vulnerabilities and said they succeeded in finding all three.
They presented vulnerabilities the supply chain (where the attacker gets access to the device before the consumer owns it), side channel attacks (where observations are made on the hardware itself rather than the code running the hardware) and glitch attacks (where attackers attempt to disrupt data transmission within a device).
The three collaborators were located in Russia, Germany and the U.S., so they conducted their investigations primarily over Telegram group chat. It took them 50,000 messages and 1,100 images to get all three attacks done.
“It’s a really long time we spent looking at this,” Nedospasov said during their introduction.
Simple antennae played a critical role in the two most dramatic attacks, but, for its part, Ledger does not find these demonstrations alarming.
“Anyone following these attacks needs to understand that both scenarios as portrayed are not practical in the real world and extremely unlikely,” Nicolas Bacca, CTO at Ledger, told CoinDesk via a spokesperson. “We stand by our products and are continually updating and implementing firmware countermeasures to ensure the highest standards of wallet integrity against hackers.”
The company published a detailed blog post critiquing each of the attacks presented.
How easy is it really to get access to a wallet before it reaches a final user?
Not that hard, it turns out, according to Josh Datko, owner of security consultancy Cryptotronix. He said:
“Supply chain attacks are easy to perform, but they are hard to perform at scale.”
Datko explained that makers of secure hardware primarily use stickers to ensure that no one has opened a box since it left a factory, but Datko found that it’s very simple to open a sticker without breaking it or leaving residue using a blow dryer or hot air gun.
So all an attacker would need to do is get some wallets, tamper with them and then get them to a retailer. For example, someone might buy them at a store, tamper with them and then put them back on the shelves.
As an example, the Ledger Nano S uses an on device function to protect users against verifying bad transactions. If users assume their computer is compromised (as most hardware wallets do), the Ledger still requires the user to verify a transaction by pushing buttons on the Nano itself.
That way, if a bad transaction shows up (for example, sending all your BTC to an unknown wallet), the user can just reject it.
However, Datko found it was possible to pop open a Ledger and install an internal receiver that enabled tampering with this function. In fact, using an antennae, he could “press” the button for yes. This would allow him to authenticate a transaction made by a compromised computer without physically touching the Ledger (though it would only work if the Ledger were attached to a computer, and presumably most of the time it is not).
Obviously, this would require getting someone to buy a bad Ledger, knowing where they lived, hacking their computer and then watching them in some way to know when the Ledger is attached to the computer.
Datko was able to send the signal from over 30 feet away, and believes with more powerful antennae he could do it from much further away.
Thomas Roth demonstrated two side channel attacks, but the one against the Ledger Blue used an antennae to read the PIN of device user.
Roth explained that they started by analysing the hardware architecture of the Blue. They noticed that there was a fairly long connection between the secure element and another processor. In other words, the wire that connected these two components was physically quite long, due to their physical distance apart on the circuit board (each on other side of the device’s relatively large battery).
“What is a long conductor with a fast changing current? It’s an antennae.”
So they looked to see if they could discern any kind of signal change when the device was interacted with. They found a significant signal when the touch screen was used to enter in digits for the PIN.
So they built a small robotic device to press a button over and over while their antennae listened and logged data. This was used to build up training data for an artificial intelligence system to analyze.
They were able to get a very high likelihood of identifying each digit on a PIN on the tested device.
So this would theoretically enable them to get close to a user and “listen” with an antennae to discern their code. That said, they would still then need to get their hands on the physical wallet to do anything with it, and this assumes that the user hadn’t taken additional measures.
That said, Ledger pointed out that this attack is less dramatic than it seems in their post, noting that it requires extremely controlled conditions to execute. “A better side channel would be to put a camera in the room and record the user entering his/her PIN,” the post noted.
Nevertheless, Nedospasov was surprised by how well the team did in its search for vulnerabilities. He said:
“When we set out six months ago we did not plan to have 100 percent success.”
More information about these attacks and others will be shared in an open source fashion on Github and on their new site, Wallet.Fail.
Ledger Nano S shown in a screenshot from the livestream of the Chaos Computer Club Conference in Berlin