Fake Hardware

Published by Franziska on

First, some background: A hardware offline wallet is a wallet for cryptocurrencies or a kind of decentralized bank account. It can be used to collect, exchange or send cryptocurrencies. Such wallets have various forms, but the most popular are the devices that can be connected via USB. They usually work together with a mobile app or a computer program.

Along with Ledger and KeepKey, the Czech company Trezor is one of the oldest and most well-known wallet manufacturers. The company itself drew attention to the counterfeit hardware in 2019. The imitation was a 1:1 copy of the hardware wallet “Trezor One” and could only be determined by small differences in the packaging. The counterfeit device originated from China, which is why it was pointed out that buyers should be especially careful when purchasing Trezor products from dubious third-party vendors at a conspicuously low price.

Known ways of attacking hardware wallets are:

  • Mal-hardware exchanges recipient coin addresses: The mal-hardware looks for high-value transactions on a PC and then exchanges the authentic coin address of the recipient for an address controlled by the attacker.

  • Insecure RNG (random number generator): hardware wallets (and also software wallets) rely on the security of a pseudo random number generator embedded in the hardware (or software) to generate the private key securely. Unfortunately, it is notoriously difficult to verify the true randomness of the RNG. An insecure RNG can generate wallet keys that can later be recovered by an attacker, for example, by being limited to only 100 billion keys as a possible outcome. A good random number generator would have much higher entropy. To a user, that still looks very random. But the 100 billion keys can be sampled by an attacker in a few hours.

  • Imperfect implementation: The security of all devices depends on the quality of their implementation. Hardware wallets are no exception. Flaws at the software, firmware, or hardware level can allow attackers to break into a hardware wallet and get unauthorized access to secrets. Even if the design is perfect, proving the security of a hardware or software implementation is a very difficult, usually unsolved problem.

  • Compromised production process: Even a perfect software and hardware implementation of a hardware wallet would be open to a corrupt production process that intentionally or unintentionally introduces security leaks into the final product. Existing hardware backdoors are a real problem for high-risk financial and military applications.

  • Compromised shipping process: A compromised shipping process can replace or modify secure devices with superficially identical but insecure replacements. It is known that there are government programs that intercept hardware and modify it along the way to insert backdoors.

  • Recovery seed: criminals sell real hardware wallets but include an alleged recovery seed key. This is supposed to be scratched free by the user and used to initialize the hardware wallet. However, the seed is known to the criminals and allows them to withdraw the funds from the associated addresses.
Fake hardware and original (right) are hardly distinguishable.