Author

Topic: Hacker Kingpin bypasses a hardware crypto wallet security to recover $2 million (Read 134 times)

legendary
Activity: 2828
Merit: 1497
Join the world-leading crypto sportsbook NOW!
There is already a topic about that in hardware wallet section posted on January 25:
https://bitcointalksearch.org/topic/trezor-hacked-again-5383049
Okay. Since I don't own one, I never needed to venture into that section before and wouldn't have found your topic. So thanks for referring to it.
I first viewed this video back on the 27th of last month and pondered about it for a week on their findings before putting up here.
Trezor's response was done on that same day, so it has made the rounds on youtube's algorithm for which videos to show to an individuals page.
legendary
Activity: 2212
Merit: 7064
There is already a topic about that in hardware wallet section posted on January 25:
https://bitcointalksearch.org/topic/trezor-hacked-again-5383049
copper member
Activity: 2856
Merit: 3071
https://bit.ly/387FXHi lightning theory
I think I remember this exploit being demonstrated quite a bit in 2018 (there was one that relied on determining a pin by the resonant frequencies the device emitted through the cable and I think one that bypassed the clock on the secure chip - every time you out in a wrong pin, the delay for it being checked and passed from the clock is meant to exponentially increase).
legendary
Activity: 2828
Merit: 1497
Join the world-leading crypto sportsbook NOW!
A former hacker from the 1990's helps out an owner of a well-known hardware wallet white-hat brute force into their device so to recover the cryptocurrency worth over $2 million after bypassing the security measures put in place by the company.

Very clever showing step by step on how this was achieved when a company proclaims their devices are hacker proof.
He put the findings up on their website for submission and the french company was greatful and have since plugged up this hole in it's security on these devices via a firmware upgrade.


https://www.youtube.com/watch?v=dT9y-KQbqi4
source: https://www.theverge.com/2022/1/24/22898712/crypto-hardware-wallet-hacking-lost-bitcoin-ethereum-nft

The company in question had responded to the video above and stated this was an exploit back in 2017 and had since been resolved. The device must of not been updated since that firmware since the owner could not gain access to the device so to do that upgrade.
So he was lucky in this retrospective.
Jump to: