Hardware wallets at risk: the Alarming results of a new study

Hardware wallets at risk: the Alarming results of a new study

At the conference 35C3 Refreshing Memories, a group of researchers demonstrated the procedure of hacking One best wallet, the Ledger Nano’s and Ledger’s Blue, and on 27 December a video posted on the web.

Team hacking project Wallet.fail consists of designer hardware and security specialist Dmitry Nedospasov, developer Thomas Roth and a former officer of the submarine’s Josh Datko.

During the conference, researchers announced that they managed to extract a private key from a hardware wallet best wallet you One after the reset and overwrite existing data or custom firmware. However, it is noted that this hacking is only possible if the user didn’t set a passphrase.

Moreover, the hacker group was able to install custom firmware and a leading product on the market of hardware wallets, Ledger Nano S. And although the team only played friendly snake on the purse, one of the team members said.

“We can send a malicious transaction ST31 [security chip], and even self-confirming them [through]. This method also allows you to display totally different data transactions are not valid transaction.”

In addition, the team spoke about the vulnerability in the Ledger of Blue — the most expensive hardware wallet with a color touch screen. According to the representative of the hacker group, the signals are transmitted to the device screen for an unusually long cable on the motherboard that allows you to capture these signals in the form of radio waves. When you connect your device via USB cable the signal becomes so strong that it can catch at a distance of several meters. Cloud-based artificial intelligence allowed the team to capture of the leaked signal input PIN.

On Cointelegraph also recalled how in August the young hacker managed to hack BitFi hardware wallet that John McAfee touts as “the most secure and uncrackable wallet”. In this case the manufacturer does not recognize the hacking device, since coins in fact were not reported.

News tags
Let's Disqus