
Topic: Be careful what you plug your hardware wallet into your PC with - page 3. (Read 475 times)

legendary
Activity: 3500
Merit: 6205
a MITM attack working against a certain hardware wallet.

Since the only valid uses for a cable are for signing transactions and maybe for charging, I'd guess that the transaction info going to the HW could be altered with the "right" cable (wouldn't such a cable be too bulky?!)
But even then, such an attack could work only if one doesn't pay attention to what the HW screen shows before signing (unless it's Jack's screenless future HW lol).

However, I guess that the validation (or not) for my theory may have to wait "a few weeks"...
legendary
Activity: 2310
Merit: 4313
https://hak5.org/products/omg-adapter

Been working with someone and we think we might have a MITM attack working against a certain hardware wallet.

For now I can't talk about it, but I can say (and have said in the past) don't trust anything you plug into your PC to verify anything else.
With more and more laptops only coming with the USB C connector and more and more people needing the C to A adapter, it's going to be much easier to drop compromised cables like this into the environment.

More in a few weeks (hopefully).

-Dave
Cables and adapters able to steal user's data have been around for a while; here are some articles regarding this topic:
https://www.vice.com/en/article/k789me/omg-cables-keylogger-usbc-lightning
https://plugavel.com/3025/tech/this-usb-c-cable-can-steal-your-data/
https://fossbytes.com/not-so-innocent-usb-cable-uses-wifi-to-hack-your-device/
https://fossbytes.com/usbharpoon-usb-cable-malware-transfer/
https://shop.hak5.org/collections/mischief-gadgets/products/o-mg-cable-usb-a


With these USB cables, hackers can steal passwords and record pretty much everything you type with your keyboard, inject malicious payloads, reflash the system's firmware, remotely execute different commands, etc. However, I have never heard that any hardware wallet has been hacked this way. Hardware wallets generally transfer neither private keys nor any other sensitive information through a USB connection, so there is nothing hackers can intercept via cables like this. I don't know, maybe it is possible to install malicious custom firmware on the device which will allow for seed extraction. They won't extract a passphrase though, because it is not stored anywhere and usually typed on a device itself.

Normally to recover a wallet you'd also have to put in a mnemonic, which would be sent down the cable too so there's added reason to make sure you can trust your connectors.
Normally, the entire recovery process takes place, or should take place, on a device itself; typing your seed on a computer is a terrible practice in principle.

As an example: https://wiki.trezor.io/User_manual:Recovery
copper member
Activity: 2856
Merit: 3071
Normally to recover a wallet you'd also have to put in a mnemonic, which would be sent down the cable too so there's added reason to make sure you can trust your connectors.

Do you know how easy the vulnerability you found would be to patch - is it likely to not remain one for long or is it quite well embedded (feel free to wait on answering this)?
legendary
Activity: 3458
Merit: 6231
https://hak5.org/products/omg-adapter

Been working with someone and we think we might have a MITM attack working against a certain hardware wallet.

For now I can't talk about it, but I can say (and have said in the past) don't trust anything you plug into your PC to verify anything else.
With more and more laptops only coming with the USB C connector and more and more people needing the C to A adapter, it's going to be much easier to drop compromised cables like this into the environment.

More in a few weeks (hopefully).

-Dave