Topic: Hacking a Samsung S3 to recover a Bitcoin wallet (Read 531 times)

legendary
Activity: 2226
Merit: 1049
Leading Crypto Sports Betting & Casino Platform
This is quite a story. I believe the reason they could even gain access to the phone is that the phone is a very old one, and its security components are not as up to date as those of the phones being produced nowadays.
This made me remember an experience I had with a Samsung A30. A friend of mine bought the phone from someone he didn't know. After resetting the phone to factory mode, the phone became totally unusable: it was asking my friend to sign in with the email and password that the first owner had registered the phone with. My friend did not know the email address, nor did he have a clue what the password was, and he had no means of contacting the person he bought the phone from. He later brought the phone to me, and I, thinking the issue was minor, decided to buy the phone from him. I thought a simple flashing and reinstalling of the phone's OS would fix the problem, but surprisingly, after several flashes and reinstalls of the phone's operating system, the issue persisted. I later contacted an engineer who, after checking the phone, told me that the phone is permanently locked and it's only the first owner who has the key to unlocking it.

  • Never forget to make multiple physical backups of your recovery phrases so you can gain access to your crypto whenever you need to.
  • Don’t be reckless with your coins, no matter how small the amount is. One day it can amount to something big.
  • Don’t forget passwords, PINs, swipe patterns, and other important details that could cause a loss of money.
And I would also add that we all should learn to follow our investments up; don't just invest and abandon it. I believe that if the guy in the story had followed his investment up, at least checking on a monthly basis, he would have been able to get his Bitcoins from Bit Blender before they shut down.
legendary
Activity: 2212
Merit: 7064
Cashback 15%
Yes, but as you can see, 3D printing someone's head in a fairly accurate and to-scale way is a lot more involved than someone might assume (e.g. assuming a printed image suffices - a lot easier to acquire and produce).
I think that modern biometric passports all contain a 3D scan of the human head and eyes, so if anything were to happen to those documents you know what would happen, and we all know how (un)professional governments can be at securing citizens' private information.
A simple hacker attack could gain access to all the data, and I think China recently had one major leak with all the information of millions of people being sold online.
Biometrics can be copied.

There is a Forbes video from 2018 showing that a 3D-printed head model worked for unlocking smartphones:
https://www.youtube.com/watch?v=ZwCNG9KFdXs

In the rare case that you are the victim of a targeted attack (i.e. whoever steals your device has access to a 3-dimensional model of your face or a picture of your fingerprint), for one, you have a bigger issue on your hands than worrying about a few sats, and secondly you can go home, take your seed words, and may be able to sweep the wallet before the attacker manages to do that first.
I know, and I was talking about overall security, not just about bitcoin sats.
The problem is that once your biometric data is leaked you can't unfix it, unless you have a drastic plastic surgery operation, or do something stupid with your body like the Black Alien Project did (search that term on YouTube).
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
Nowadays, at least on iPhones, you do need a three-dimensional model of the victim's face, since it's not just a picture match, but infrared dots are projected on the face, which allows the device to map the 3d texture of whatever is held in front of it.
It's not really that hard to trick those biometrics, both for fingerprint and for face scans, even for newer smartphone models.
I could come up with a few ideas using the right materials (a 3D-printed head comes first to my mind), and I even saw a bunch of cases on the internet of new phones being unlocked by twin brothers/sisters, so it's far from perfect.
I don't like biometric protections and I wouldn't suggest them for smartphones or hardware wallet protection.
Yes, but as you can see, 3D printing someone's head in a fairly accurate and to-scale way is a lot more involved than someone might assume (e.g. assuming a printed image suffices - a lot easier to acquire and produce).

Of course, nobody should store a big percentage of their wealth on a mobile phone in general, but I do think that Bitcoin's purpose is to be used and that using it through a mobile phone makes it most accessible for the vast majority of people. So holding a 'wallet-sized' amount on a mobile phone directly or on a hardware wallet that you use with a mobile phone, would be something I endorse, as I like to see Bitcoin be used and not just stored for decades.

In the rare case that you are the victim of a targeted attack (i.e. whoever steals your device has access to a 3-dimensional model of your face or a picture of your fingerprint), for one, you have a bigger issue on your hands than worrying about a few sats, and secondly you can go home, take your seed words, and may be able to sweep the wallet before the attacker manages to do that first.
legendary
Activity: 2212
Merit: 7064
Cashback 15%
Nowadays, at least on iPhones, you do need a three-dimensional model of the victim's face, since it's not just a picture match, but infrared dots are projected on the face, which allows the device to map the 3d texture of whatever is held in front of it.
It's not really that hard to trick those biometrics, both for fingerprint and for face scans, even for newer smartphone models.
I could come up with a few ideas using the right materials (a 3D-printed head comes first to my mind), and I even saw a bunch of cases on the internet of new phones being unlocked by twin brothers/sisters, so it's far from perfect.
I don't like biometric protections and I wouldn't suggest them for smartphones or hardware wallet protection.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
The report says a fingerprint scanner can be "hacked" by using a picture of the target's fingerprint, creating a negative in Photoshop, printing the resulting image, and then putting some wood glue on top of the imitated fingerprint so it can be used to trick many commercial scanners.
When it comes to hacking protection using facial recognition, experts say that in most cases it can work with a simple photograph of the victim. In most commercial software, the technology is not so advanced that it can distinguish between a living person and a photo.
It depends heavily on the implementation. I remember years ago when the first smartphones added face unlock, it was indeed possible to unlock them with the user's profile picture from a social media account, even without printing it on paper.
Nowadays, at least on iPhones, you do need a three-dimensional model of the victim's face, since it's not just a picture match, but infrared dots are projected on the face, which allows the device to map the 3d texture of whatever is held in front of it.
legendary
Activity: 3220
Merit: 5628
Blackjack.fun-Free Raffle-Join&Win $50🎲
I was wondering how easy it could get, years from now, to bypass a fingerprint or face scan?

As for fingerprint locks, I've been reading for years that this protection can be bypassed very easily, without having to cut off someone's finger or something similar. However, you need a picture of the victim's fingerprint and some glue.

The report says a fingerprint scanner can be "hacked" by using a picture of the target's fingerprint, creating a negative in Photoshop, printing the resulting image, and then putting some wood glue on top of the imitated fingerprint so it can be used to trick many commercial scanners.

When it comes to hacking protection using facial recognition, experts say that in most cases it can work with a simple photograph of the victim. In most commercial software, the technology is not so advanced that it can distinguish between a living person and a photo.
hero member
Activity: 756
Merit: 1723
Crypto Swap Exchange
I was wondering how easy it could get, years from now, to bypass a fingerprint or face scan? I still think the safest and most secure option is using a password instead of a PIN, face lock, fingerprint or pattern. A strong password seems the safest option for both the long and the short term. Plus, I have even had extremely long passwords on my phone's lock screen before, and after a few days, at most weeks, you get used to typing them out really fast if you wish.

Unless a backdoor exists (I remember there was a story about the FBI breaking into iPhones years ago?) or some vulnerability that makes even the strongest password easy to break through.

-
Regards,
PrivacyG
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
I searched around a bit and I did find a piece of software with that name. One Click Pattern Unlock v3.0.2 seems to be the newest version. Could it be that one? I don't recommend that anyone download or install the software from the links below unless you know what you are doing! I am just posting it as a reference. Use it at your own risk!

https://firmwarecare.com/one-click-pattern-unlock-v3-0-2
https://cruzersoftech.com/one-click-pattern-unlock-tool-v3-0-2-free-download-working-100/

There is also a YouTube video that shows how a similar software works but it's mostly for Chinese brands. However, Samsung is also on the list.
Yes, be extra extra careful with any 'hacking tool' or 'unlocker' type software in general. In most cases, what's going to be hacked (if anything) is your own machine.

There are even reports about legit / real hacking tools being reuploaded with trojans in them:
Hackers are getting hacked via trojanized hacking tools
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
And btw, all phones are manufactured in China.
I know that, but I was talking about proper Chinese brands like OPPO, Huawei, Meizu, etc.

I bet someone created similar one-click software for breaking regular PINs and passwords, and you can only imagine what real hackers and government agents have in their toolboxes.
Let's just say that if you are involved in any kind of criminal activities, you shouldn't carry your smartphone with you when you are spending time with or talking to your criminal syndicate. And consider everything you have ever stored on your phone as retrievable in many cases.
legendary
Activity: 3206
Merit: 2904
Block halving is coming.
I searched around a bit and I did find a piece of software with that name. One Click Pattern Unlock v3.0.2 seems to be the newest version. Could it be that one?
~link snip~

Based on the image from your source, the UI is different from what I used before. The tool that I used before only supports Samsung phones and no Chinese phones; the UI background is black and it only has 3 buttons, which is exactly what I remember. I got it from a phone/mobile repair forum, or maybe the XDA forum.

This is the only way he could make a longer promotional video like this.
I am sure he knows about an easier way to break into a phone, but since he didn't find $6M like in his clickbait title, he needed to create some drama.

I think yeah, he knows the easier way. Based on his video he is using the Medusa box, which is a well-known tool for phone technicians. I don't think it's hacking; that's the normal use for that box, and it can be bought for around $40 to $50.
legendary
Activity: 2212
Merit: 7064
Cashback 15%
The only problem with Joe is that he disassembled the unit and made some jumpers; it could be for the TX, RX and GND or JTAG pinouts, to directly access the NAND/eMMC data. But it's too much work compared to using a one-click pattern tool for removing the pattern temporarily, after which you can do what you want, like accessing the wallet and then backing up the wallet.
This is the only way he could make a longer promotional video like this.
I am sure he knows about an easier way to break into a phone, but since he didn't find $6M like in his clickbait title, he needed to create some drama.

There is also a YouTube video that shows how a similar software works but it's mostly for Chinese brands. However, Samsung is also on the list.
Hahaha, so much for security and safety for your super-smartphones. And btw, all phones are manufactured in China.
I bet someone created similar one-click software for breaking regular PINs and passwords, and you can only imagine what real hackers and government agents have in their toolboxes.
I have a few old Chinese smartphones and I may test if pattern breaking works on them.
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
I searched around a bit and I did find a piece of software with that name. One Click Pattern Unlock v3.0.2 seems to be the newest version. Could it be that one? I don't recommend that anyone download or install the software from the links below unless you know what you are doing! I am just posting it as a reference. Use it at your own risk!

https://firmwarecare.com/one-click-pattern-unlock-v3-0-2
https://cruzersoftech.com/one-click-pattern-unlock-tool-v3-0-2-free-download-working-100/

There is also a YouTube video that shows how a similar software works but it's mostly for Chinese brands. However, Samsung is also on the list.
legendary
Activity: 3206
Merit: 2904
Block halving is coming.
If you root your phone, you may be able to dump all data partitions to a desktop/laptop.
Then, later, you can scan these partitions with keyhunter to recover private keys.

Actually, you don't need to root the phone; you can use a tool/software that can bypass patterns temporarily without data loss.

I have experience with my old Samsung phone: before, it could easily be bypassed using a tool. I can't remember the name, but they called it a one-click pattern removal tool. It is an old tool from 2015 and it is very useful for temporarily bypassing patterns. But the only problem is that it is not permanent: every time the screen is off, the pattern will pop up again.

The only problem with Joe is that he disassembled the unit and made some jumpers; it could be for the TX, RX and GND or JTAG pinouts, to directly access the NAND/eMMC data. But it's too much work compared to using a one-click pattern tool for removing the pattern temporarily, after which you can do what you want, like accessing the wallet and then backing up the wallet.
full member
Activity: 244
Merit: 126
If you root your phone, you may be able to dump all data partitions to a desktop/laptop.
Then, later, you can scan these partitions with keyhunter to recover private keys.
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
Would it not be a lot safer in this case if Joe had his Mycelium wallet locked by a very strong password? I personally have my phone locked with a pretty easy password for quick access, but all my cryptocurrency apps are secured with very strong passwords, so in case my phone is ever stolen, they can get some data off it but not my wallets.
For attacks like this, where memory is copied directly out of the device, what matters is if the data is encrypted. I have no idea whether the Mycelium application encrypts the seed with the password or if it's just a protection to be able to open the app, with the seed still stored unencrypted on disk.

According to Walletscrutiny, Mycelium provides reproducible open-source builds, so this is something that can be checked in their code.

It's not just about fixing bugs; these are actual completely new security mechanisms that can kill whole 'families' of attacks and make certain things completely impossible.
Ok, let me give you a few examples that are not directly connected with smartphones but can be applied to them as well. Do you think that Windows 11 is more secure than Windows 10 or Windows 8?
- I think that each new Windows OS is worse and provides less privacy than the previous versions.
Second example, do you think that modern laptops are better and more secure than proven older modular laptops?
- New laptops are mostly not modular, you can't replace or fix anything yourself, and they are made from cheaper materials.
As long as Windows 10 and 8 are still supported by Microsoft, they should all get the same security updates. After that, the old versions indeed automatically become less secure. For instance, ATMs still running Windows XP are a big security concern, and some banks pay insane sums of money to Microsoft (or other companies) to patch XP for the latest vulnerabilities.

Also, newer operating systems will get new security mechanisms, such as I've shown with iOS and Android introducing ASLR at a certain point in time, which automatically makes anything older less secure due to just not having ASLR.
The other two points don't relate to security, but privacy and serviceability which are different topics. I prefaced my previous statement by saying that security and privacy don't always (have to) go in tandem.

New stuff is not always better, and oftentimes it just opens a big new can of worms after each new release.
Yes, I know a Linux OS doesn't mean something is safe, but I just want clean open source stuff without extra crap on top.
Oh absolutely! I love clean, open source machines with as little bloat as possible, too; just like simple vehicles without unnecessary loads of electronics in them. But again, that's another topic. But operating systems do get more secure (big picture) overall. What else do you think security professionals were doing in the last 10 years?
legendary
Activity: 2212
Merit: 7064
Cashback 15%
As you said yourself, those are privacy concerns, not security concerns. A security concern would be someone finding a vulnerability in the OS to break into your PC, online accounts, or anything else on your computer due to vulnerabilities in your Windows installation. Microsoft and other third parties spying on you is bad for privacy, but it doesn't necessarily make your security worse. If Windows 11 is also worse in terms of security than Windows 10, that's a different topic.
I was not speaking literally, and I was saying that releasing new things doesn't mean they are better in any way.
Companies often release new consumer stuff every year only for profit and not for improving security, privacy or anything else.
Just compare computer processors from 2012 to 2022: you only have two or three serious jumps in performance/security, while all the rest are only cosmetic changes.
As for Win11, I could argue that security is also lower on Windows 11 than on older Windows or Linux operating systems, because you can't disable some hidden services that enable backdoor access, but that's a different topic.
legendary
Activity: 2730
Merit: 7065
Farewell, Leo. You will be missed!
Would it not be a lot safer in this case if Joe had his Mycelium wallet locked by a very strong password?
Joe is the hacker. The client who forgot his swipe pattern is Lamal or something like that. But anyway, yes, it would be safer. Besides breaking the gesture pattern, Joe would have to find a way to brute-force the wallet password, and I doubt he would succeed with that unless Jamal used something like 1234.

Ok, let me give you a few examples that are not directly connected with smartphones but can be applied to them as well. Do you think that Windows 11 is more secure than Windows 10 or Windows 8?
- I think that each new Windows OS is worse and provides less privacy than the previous versions.
As you said yourself, those are privacy concerns, not security concerns. A security concern would be someone finding a vulnerability in the OS to break into your PC, online accounts, or anything else on your computer due to vulnerabilities in your Windows installation. Microsoft and other third parties spying on you is bad for privacy, but it doesn't necessarily make your security worse. If Windows 11 is also worse in terms of security than Windows 10, that's a different topic.
legendary
Activity: 2212
Merit: 7064
Cashback 15%
Some Android vendors even use hidden signed messages to unlock your phone via OTA. (Everyone knows this for the FBI & NSA.)
Ok, so we know what is not safe to use, but exactly which smartphone models would you suggest to the average Joe who cares about privacy?
Maybe there are some extra steps anyone can take to improve security, maybe using a Google Pixel or some other smartphone with a custom ROM, or what?

It's not just about fixing bugs; these are actual completely new security mechanisms that can kill whole 'families' of attacks and make certain things completely impossible.
Ok, let me give you a few examples that are not directly connected with smartphones but can be applied to them as well. Do you think that Windows 11 is more secure than Windows 10 or Windows 8?
- I think that each new Windows OS is worse and provides less privacy than the previous versions.
Second example, do you think that modern laptops are better and more secure than proven older modular laptops?
- New laptops are mostly not modular, you can't replace or fix anything yourself, and they are made from cheaper materials.

New stuff is not always better, and oftentimes it just opens a big new can of worms after each new release.
Yes, I know a Linux OS doesn't mean something is safe, but I just want clean open source stuff without extra crap on top.
hero member
Activity: 756
Merit: 1723
Crypto Swap Exchange
Would it not be a lot safer in this case if Joe had his Mycelium wallet locked by a very strong password? I personally have my phone locked with a pretty easy password for quick access, but all my cryptocurrency apps are secured with very strong passwords, so in case my phone is ever stolen, they can get some data off it but not my wallets.

Also, we have to take something into account. What is safe today may not be safe tomorrow. We have way too many examples of things that used to be considered safe but later on were found to have crucial security flaws.

-
Regards,
PrivacyG
hero member
Activity: 882
Merit: 5814
not your keys, not your coins!
Regarding the latter, there is plenty of open, public evidence that newer smartphones are absolutely safer than older models. An example is the standard full-disk encryption that was added after the S3 era, which is an exceptional improvement and would have made Joe's attack impossible without a lot of extra steps.
They are possibly safer, and they fixed some bugs and flaws that were found in older devices, but at the same time they are opening bigger windows for exploits, because they are adding more stuff to new devices.
For example, old phones had simple functions to call, receive calls and send/receive SMS; modern smartphones have all kinds of stuff inside.
Until I see an actual everyday working smartphone with a Linux OS, I will have my suspicions about them.
Custom ROMs are ok, but not there yet.
It's not just about fixing bugs; these are actual completely new security mechanisms that can kill whole 'families' of attacks and make certain things completely impossible.
Do keep in mind I wasn't comparing smartphones (basically small computers) to 'dumb phones'; obviously, if your phone doesn't even have an internet connection, and no way for users to download and / or install things, it massively reduces the attack surface and also the attractiveness for an attacker. I think that's pretty obvious.
But it's just a fact that a modern (2022) smartphone will be more secure than a 2012 smartphone.

Regarding Linux on mobile: do keep in mind that 'open source' doesn't equal 'secure'. It's a fallacy I come across often in 'Linux circles'. There are papers and studies about this that have shown how a mobile OS built from the ground up with sandboxing, secure boot with a hardware root of trust and no built-in way of escalating privileges, running on an SoC, is much harder to attack than a bog-standard Linux install on a general-purpose laptop. So there is a tradeoff between privacy and security; privacy and auditability of the code don't equal security.
It's highly probable that Linux phones of today are less secure than iOS and Android devices.

There is actual research that proves gestures to be weaker than PIN codes. It sounds silly, but e.g. increasing the default length from 4 to 6 on iOS also made it substantially harder to brute-force PINs.
I didn't research this topic deeper, so it's possible, but brute-forcing a PIN is not as hard as you may think, that is, if you have the correct tools and knowledge.
I just heard that the Chinese government was hacked and millions of people's information got leaked and is being sold on darknet forums.
If hackers can hack this, why would I think it's so hard to hack a simple PIN code?
Sure; PINs aren't that secure either, I'm just saying they are more secure than patterns in the real world, e.g. due to low-tech 'shoulder surfing' attacks being much easier.
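As an added illustration that is not part of any post in this thread, the theoretical keyspace behind the pattern-versus-PIN comparison above: a Python count of the valid Android 3x3 unlock patterns (the standard rule that a straight-line move may not jump over an unvisited dot is assumed), placed next to the 4-digit and 6-digit PIN spaces mentioned for iOS. It only measures how many combinations exist, not how predictably people pick them, which is where the shoulder-surfing point comes in.

```python
"""Theoretical keyspace of Android 3x3 unlock patterns vs. numeric PINs.

Added illustration for the pattern-vs-PIN discussion; the counting rules
are the standard Android ones (assumption), and the numbers say nothing
about how people choose patterns in practice.
"""
import math

GRID = 3  # Android uses a 3x3 grid of dots, numbered 0..8 row by row


def skipped_dot(a: int, b: int):
    """Return the dot lying exactly between a and b on a straight line
    (horizontal, vertical or diagonal), or None if there is no such dot.
    Android forbids moving from a to b while that middle dot is unvisited."""
    ra, ca = divmod(a, GRID)
    rb, cb = divmod(b, GRID)
    if (ra + rb) % 2 or (ca + cb) % 2:
        return None  # midpoint is not on a dot (e.g. a knight's move)
    mid = ((ra + rb) // 2) * GRID + (ca + cb) // 2
    return None if mid in (a, b) else mid


def count_patterns(min_len: int = 4, max_len: int = 9) -> dict:
    """Count valid patterns of each length by depth-first enumeration.
    Rules: no dot twice, and a straight-line jump over an unvisited dot
    is illegal (that dot would have been captured as part of the pattern)."""
    counts = {n: 0 for n in range(min_len, max_len + 1)}
    visited = set()

    def walk(current: int, length: int) -> None:
        if length >= min_len:
            counts[length] += 1
        if length == max_len:
            return
        for nxt in range(GRID * GRID):
            if nxt in visited:
                continue
            mid = skipped_dot(current, nxt)
            if mid is not None and mid not in visited:
                continue  # would jump over an unvisited dot
            visited.add(nxt)
            walk(nxt, length + 1)
            visited.remove(nxt)

    for start in range(GRID * GRID):
        visited.add(start)
        walk(start, 1)
        visited.remove(start)
    return counts


def pin_space(digits: int) -> int:
    """Number of distinct numeric PINs of the given length."""
    return 10 ** digits


def bits(keyspace: int) -> float:
    """Keyspace expressed as bits of entropy, assuming uniform choice."""
    return math.log2(keyspace)


def compare() -> dict:
    """Pattern keyspace (lengths 4..9) next to 4- and 6-digit PIN spaces."""
    patterns = sum(count_patterns().values())
    return {
        "pattern_4_to_9": patterns,
        "pin_4": pin_space(4),
        "pin_6": pin_space(6),
    }


if __name__ == "__main__":
    for name, size in compare().items():
        print(f"{name:>15}: {size:>9,} ({bits(size):.1f} bits)")
```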