Topic: Trezor hacked (again) - page 4. (Read 1501 times)

If the price of Model T continues to go up ^{[like it has in the past couple of years due to chip shortages, inflation and etc...]}, I wouldn't be surprised to see a sudden rise of fake Trezor devices in other markets with no shipping problems and the scammers would probably use an excuse like, the device they're selling belongs to the last batch that they purchased at lower prices!

• This is the second time in the past couple of months that Trezor and their users have been targeted, but I'm glad it has forced them to finally "hire a chief information security officer".

Warning for everyone that new fake Trezor devices showed up recently in Russian marketplaces, and they should be considered as malicious!
Scammers are probably using current situation that Trezor is not shipping their devices to Russia and Ukraine at the moment. 

Few days ago Trezor released one interesting blog article with recommendations for purchasing hardware wallets, with well known things like detecting tampering, tamper evident seals, firmware checks, device cases inspection, packaging improvements, software improvements, hardware component bonding. etc.
One thing that got my attention was part of the article that mentions new fake and modified Trezor devices appeared recently and they are mostly sold in Russian marketplaces.
This devices had a bootloader that was not released, vendor was unofficial and many devices sold on this marketplaces displayed a message when trying to sign a transaction:

Firmware updated would show success message, but malicious firmware would remain on device, some functions like Shamir backup were not functioning on this devices, seed words generated by fake devices were predictable or predefined, passphrase function was also modified!
Trezor Model T was mostly affected by this, with some internal components had been replaced by malicious actors.
https://blog.trezor.io/stay-safe-shopping-for-hardware-wallets-543f144e3d24

That sounds a bit confusing. The receive address is the address you generate every time you want to receive a payment. Once payment is received, a wallet usually hides that address to protect your privacy and discourage you from reusing it. However, you can reuse it if you want: it is just not advisable but well doable. There is another type of address - change addresses - which more often than not are not visible to the user. These addresses are used to receive a so-called "change." A change is created in case the value of UTXOs you're sending is higher than the payment. The main peculiarity of an UTXO (unspent transaction output) is that it can only be sent in its entirety, that is, it is like a dollar bill that cannot be divided. For example, if your wallet has only one output of 5 btc and you send a payment of 1 btc, you will receive a change of 4 btc (minus transaction fees). A wallet usually generates change addresses automatically, but if you want, you can send a change back to the address you made a payment from. However, it is a bad practice since sending back to the same address exposes which output was a payment and which was a change.

If by changing address you mean you get a new receiving address every time you want to receive coins, this is called Change Address and it exists for privacy reasons.  If I had your address and you never generate new addresses, I would know that all your incoming and outgoing transactions are received and broadcasted by you.  If you have Change addresses, tracing coins to your identity is getting harder.  Add Coin Control to all of this and you will have significantly increased the privacy of your Bitcoins.

Also, Change Addresses exist on all wallets.  Even on Do It Yourself solutions you still have them.  This does not stop you from using a single address all the time though, but it is at the expense of your privacy.

-
Regards,
PrivacyG

I enjoyed watch this video!

Tension was real with the faulty ground  

---

I didn't even check DIY solutions before buying one, I should... I don't like the changing address of Ledger, don't know if it's a rule for all hardware wallets but I don't really understand the goal.

Old news for sure.

I have had my SEED encrypted on my Trezors for well over a year now.  I leave dummy SD's around for decoys.  That combined with very long passphrases is a virtual certainty that I can sleep well every night!  Most won't put in the time to learn how but SEED encryption on a Trezor is solid and the little SD can be kept in a separate location providing "two location" security of sorts.

It could also mean that the majority of people asking those questions don't have the mental capacity or willingness to watch a video and understand the content shown in it. Like the fact that Kingpin mentions that he found a vulnerable piece of code that allowed him to retrieve sensitive data from RAM in firmware version 1.6.0, and he also says that line of code was removed in newer versions making that attack scenario unrepeatable. That's just people being people and looking at things in a hasty way without any understanding of the material.   

Yes, and then you watched the video and you understood it. Those who are crying on Reddit didn't. That's no one's fault but their own. 

I like what ledger Donjon team is doing, something similar is done by Kraken team in more neutral way, but so much energy is spent from ledger on saying how all other wallets are unsecure, except their product.
They have better marketing and they sold millions of devices, but I think that quantity doesn't always mean quality.

It's possible but he never mentioned exact days in his video and waste majority of viewers are thinking that trezor devices still have this flaw.
I am seeing people posting on reddit and twitter every day asking the same question, that could mean that something was intentially done in this way.
Even I was not sure about dates when all this happened exactly, and at first I was thinking this is some fresh trezor bug...

You don't have to tell me to look at the comments because I posted that image from trezor reply in my first post in this topic.
Why do oyu think Trezor had to do that?
Because they received huge amount of questions...that is why.

Aside from the two videos released by Ledger that shows their Donjon team attacking Trezor and ColdCard wallets, why do you think that Kingpin's video was released after years of waiting? I don't think there is anything in the video that could point to the fact that it was filmed years ago. Is there a specific scene that caught your eye and made you think that? 

It's possible that the guy didn't know who to turn to for help. And that 3 months ago, he came across Kingpin and that other group in Switzerland that was mentioned in the video.

Take a look at the comments under the video on Youtube. Kingpin pinned Trezor's reply in which they wrote that the vulnerability that was found was fixed in 2017. I don't think he would do that if he wanted to throw dirt on Trezor.

Even more risk then, since you are trusting the Passport developers not to introduce a vulnerability with their stupid games, and then trusting the community not to introduce a vulnerability with their code to remove said stupid games. And the community driven version won't be pen tested to the same degree as the native version.

It's such a pointless edition, I cannot understand why they implemented it in the first place. It makes them seem very amateurish.

True, but Shift Crypto also developed AOPP, so they are off the table as far as I'm concerned.

You're probably right... If Ledger would've exerted the same amount of effort into improving all of those unreliable hardware wallets that they've been selling in the past year or so, they could've restored a portion of their damaged reputation but instead of doing that, they're trying to pull-down their competitors in an unethical way ^{[I do know Trezor isn't perfect by any means, but I've never seen them do such a thing]}...

• "Pulling someone down will never help you reach the top."

I was thinking there is something suspicious with the way how this video was released and especially the timing (after years of waiting), so let me elaborate more on this.
Maybe this is just a coincidence, but Joe Grand (Kingpin) released his video on January 24 (over 2,2M views so far), and he even has dedicated website offspec.io registered in 2021.

On almost exact same day Ledger and their Donjon team started to release similar hacking videos on their channel that are also focused on this event of hacking Trezor device.
Side-channel attacks | Enter the Donjon video was released on January 21 just few days before Joe Grand video.
Coincidence or maybe Joe Grand is paid and working for ledger team, I don't know... but it sure looks like negative campaign against Trezor for something that was fixed years ago.

On January 31 Donjon released new short video for hacking old Coldcard wallet with Laser fault attacks.

PS
This is just my speculation and I am not accusing anyone for anything here.

I agree with you that he could have mentioned the years. But he does mention at 13:20 in the video that he was going through Trezor's source code and that he found an exploitable vulnerability in firmware version 1.6.0. He then says that line of code was removed in 1.6.1. In some way, he does acknowledge that this particular vulnerability is not there anymore if your firmware is up-to date. 

Well it is if you are still using an outdated firmware. And if you forgot your PIN, like the guy in the video, and you can't unlock your device to upgrade the firmware, you are stuck with the old and vulnerable one.

He is smart guy and I will give him a credit, but correct way would be to mention the years when this happened, if not in video than in descriptions.
Most of the people are now thinking that Trezor is still affected by this old bug, they are not doing any research and social media is full with this youtube video  

Yeah I saw that link and procedure is fairly simple for anyone who did some soldering in his life.
No chip = No wi-fi/bt, and this could even make raspberry a bit faster also (version 2.0 is faster than v1.3 even with wifi/bt).

Except for coldacrd wallet, because if you fork their code and try to compile it yourself and change some things, you will get a lawsuit from NVK for license violation...
That means their website is lying and misleading people intentionally.
Ask NVK about this and you will get banned, but all his channels... pathetic.  

You know that Keystone wallet also has this feature?
It's possible to install Bitcoin only firmware and after that it's impossible to switch back to multi-coin edition, so it's permanent and good for security.

Hello and wtf?!
I would... It's been more than 3 years since this bug in Trezor and it would be BIG mistake if you don't update now if you have old firmware like that.

That's true, indeed.

I guess then we have to make sure when buying new hardware wallets, that both the firmware and the software used for updating are open source, easy to read and modify. For instance, there could be a community-made script that fetches the latest Foundation Passport source, removes the games and compiles it.

Of course, also pressure on the manufacturers helps. For example, Shift Crypto offers a 'Bitcoin only' firmware that I believe can also be flashed to the 'Multi' edition (irreversibly).

There's a big difference between selling devices to make money and selling out their principles of being in control of your own keys and coins.

Choosing not to update leaves you open to security vulnerabilities, and often you have to use the manufacturer's software to update, so there is no avoiding it. And there are plenty of features I can think of being pushed to hardware wallet firmware which I absolutely wouldn't want on my hardware wallet, such as support for various useless altcoins, games, ability to take screenshots, etc.

I would not immediately update in this case, since the new firmware update may contain fresh critical bugs or vulnerabilities. This problem creates a danger only with physical access to the device. Online, Trezor is still safe, isn't it. Can wait a while, and then update the device.

Goddamn, this sneaky dude got me as well! It appeared to me that this happened recently - which would mean the firmware would have been seriously outdated - but I reckon it would have been possible: get a ton of coins, forget it for almost 10 years, find it again and need to look for a hacker since you forgot the PIN.

Correct! On this topic, today I read this tweet by SeedSigner guys.
Which leads to a GitHub made just about disabling the WiFi / BT combo chip.
https://github.com/DesobedienteTecnologico/rpi_disable_wifi_and_bt_by_hardware

They're not just cutting the antenna, they're removing the chip's power source, so it just can't turn on again.

---

Some extra thoughts since I saw this mentioned a few times:
1) 'they just want to make money' - of course, that's what companies do. They have to pay their employees, their researchers and pay for security audits, for the whole infrastructure and much more. They need to make a profit to survive.
2) 'if they add feature X, I need a new wallet' / FOSS solutions keep working the same for years to come - Obviously, you can choose not to update if you don't like a feature. Further, many criticized features are only in the software suite on the host. Good wallets should support usage with Electrum or Sparrow, so by just not using the wallet's 'original' software, you completely avoid the issue.
3) 'DIY is more secure' - I love DIY and FOSS myself, and do believe it can be more secure in many cases, just due to more eyes looking at the code. It's also great that you can remove a feature and recompile without that, for instance. However this is not limited to DIY wallets, but it's also the case for any other open-source wallet.

I am not going to recommend anyone to use paper wallets that can create much bigger problems for general population than hardware wallets ever would.
But I agree with you that hardware wallets are a mess now and most of them are living in their closed ecosystem just trying to make some profit from this devices.
DIY might be the best option that is flexible and you will be able to adjust accordingly if something changes in future.
Whatever you choose, best thing is to keep everything simple and don't complicate to much.

Pin code is the password in this case that only contain numbers, and it's tied to specific device.
I was not talking about passphrase that is something totally different from password or pin.

You were probably referring to the PIN code, not a password. The guy in the video forgot his PIN. More precisely, his friend, the professional poker player who has a photographic memory, forgot a 5-digit PIN code .

I agree. He sounds like an interesting guy I would definitely want to talk to. Plus he seems willing to help people who find themselves in a similar situation. He said that at the end.

If he can make a Trezor glitch and go into debug mode, I am sure he could find a way to trick the device into accepting an older firmware.