https://www.kaspersky.com/blog/fake-trezor-hardware-crypto-wallet/48155/ Solutions for: * Home Products * Small Business 1-50 employees * Medium Business 51-999 employees * Enterprise 1000+ employees Kaspersky official blog * My Account + My Kaspersky + My Products / Subscriptions + My Orders * Products + o PREMIUM PROTECTION Kaspersky Premium Complete protection for your devices, online privacy & identity o ADVANCED PROTECTION Kaspersky Plus Combines security, performance & privacy features in one app o STANDARD PROTECTION Kaspersky Standard Enhanced protection with device performance booster + o Privacy & Kids o Kaspersky Safe Kids o Kaspersky VPN Secure Connection o Kaspersky Password Manager o View All Solutions * Renew * Downloads * Support * Resource Center * Blog + Business + News + Privacy + Products + Special Projects + Technology + Threats + Tips + RSS + Newsletter subscription * Secure Futures * [ ] * Solutions for: * Home + Security Solutions o Kaspersky Premium o Kaspersky Plus o Kaspersky Standard o View All Solutions o Privacy & Kids o Kaspersky Safe Kids o Kaspersky VPN Secure Connection o Kaspersky Password Manager + Renew Licence + Support + Trials&Update * Business + Small Business (1-50 employees) + Medium Business (51-999 employees) + Enterprise (1000+ employees) * * Search blog posts * Blog + Business + News + Privacy + Products + Special Projects + Technology + Threats + Tips + RSS * About us + About company + Transparency + Corporate News + Press Center + Careers + Sponsorships + Policy blog + Contacts * Partners + Find a Partner + Partners * My Account + Personal o My Kaspersky o Renew your product + Business o KSOS portal o Kaspersky Business Hub o Renew your License [ ] Search * [bug] cryptocurrencies Case study: fake hardware cryptowallet Full review of a fake cryptowallet incident. It looks and feels like a Trezor wallet, but puts all your crypto-investments into the hands of criminals. * [stanis] Stanislav Golovanov * May 10, 2023 Review and analysis of fake Trezor cryptowallet Easy to steal and cash out, sryptocurrency is one of the most attractive digital assets for attackers. Accordingly, serious investors often use hardware cryptowallets to protect their crypto-investments. Such a wallet stores private keys away from vulnerable computers and smartphones and makes it much safer to sign transactions. But unfortunately, owning a hardware wallet doesn't guarantee the safety of your funds, as one of our clients has learned the hard way. Hack symptoms Attackers worked stealthily: on a fateful day in the transaction history of a cryptowallet there appeared an operation in which a large sum of money was transferred to someone else. However, no transactions were performed on that day by the victim at all. Moreover, the cryptowallet wasn't even plugged into a computer! Aaand... It's gone! Aaand... It's gone! Dissecting the wallet The victim had purchased the rather popular hardware wallet Trezor Model T. It uses fully open-source code -- both software and hardware-wise -- and is based on the popular STM32F427 microcontroller. The Trezor Model T vendor has undertaken a wide range security measures that, in theory, should reliably protect the device from attackers. Both the box and the unit housing are sealed with holographic stickers, the microcontroller is in flash memory read-out protection mode (RDP 2). The bootloader checks the digital signature of the firmware and, if an anomaly is detected, displays an unoriginal firmware message and deletes all the data in the wallet. Accessing the device and confirming transactions require a PIN code that -- even though it doesn't protect the master access key (a base for generating the mnemonic seed phrase) -- is used to encrypt the storage where it's kept. Optionally, in addition to the PIN, you can protect your master access key with a password as per the BIP-39 standard. Do not use me, I am unsafe! Do not use me, I am unsafe! (Source) At first cursory glance, the wallet we examined appeared to be exactly the same as a genuine one, and showed no signs of tampering. The unit was bought from a trusted seller through a popular classifieds website, and the holographic stickers on the box and the wallet itself were all present and undamaged. When started-up in update mode, the wallet displayed firmware version 2.4.3 and bootloader version 2.0.4. Fake wallet update mode screen Fake wallet update mode screen When handling the wallet, nothing felt suspicious either: all the functions worked as they should, and the user interface was no different from the original one. However, mindful of the theft that had occurred via it, we delved deeper. And that's where our interesting discoveries began. Right off the bat, we found that the vendor had never released bootloader version 2.0.4. The project change history at GitHub concisely states that this version was "skipped due to fake devices". After such an intriguing statement, we just had to reach for the scalpel and begin our dissection, of course... What on earth is version 2.0.4? What on earth is version 2.0.4? The housing was difficult to open: its two halves were held together with liberal quantities of glue and double-sided adhesive tape instead of the ultrasonic bonding used on factory-made Trezors. Even more curiously, inside there was an entirely different microcontroller showing traces of soldering! Instead of the original STM32F427, the unit had an STM32F429 with fully deactivated microcontroller flash-memory read-out protection mechanisms (RDP 0 instead of RDP 2 in genuine Trezors). It looked perfectly genuine from the outside; however... (left -- original, right -- fake) It looked perfectly genuine from the outside; however... (left -- original, right -- fake) Thus, the fake cryptowallet theory was proved true: it was a classic supply-chain attack in which an unsuspecting victim buys an already-hacked device. But the actual cryptocurrency stealing mechanism was still unclear... Trojan firmware We won't repeat the commonplace truths about cryptowallets that we covered earlier, but we've just one little reminder for you: a cryptowallet contains your private key, and whoever knows that key can sign any transaction and spend your money. The fact that the attackers were able to conduct a transaction while the offline wallet was stashed in its owner's strongbox means that they either copied the private key after it was generated, or... they knew it all along! Thanks to the deactivated flash-memory read-out protection, which our attackers decided not to turn on after the new microcontroller was soldered in, we easily extracted the wallet firmware and, by reconstructing its code, discovered that the attackers indeed knew the private key in advance. But how? The original bootloader and wallet firmware received only three modifications: First, the bootloader-checks for protection mechanisms and digital signatures were removed, thus getting rid of the "red screen" problem during the firmware originality check at startup. Second, at the initialization stage or when resetting the wallet, the randomly generated seed phrase was replaced with one of 20 pre-generated seed phrases saved in the hacked firmware. The owner would begin using it instead of a new and unique one. Third, if the user chose to set an additional master-seed protection password, only its first symbol (a...z, A...Z, 0...9 or ! for any special character) was used, which, together with the no-password option, gave just 64 possible combinations. Thus, to crack a given fake wallet, only 64*20=1280 variants were to be considered. The fake cryptowallet would operate as normal, but the attackers had full control over it from the very beginning. According to the transaction history, they were in no hurry, waiting a whole month after the wallet was credited for the first time before they grabbed the money. The owner had no protection whatsoever: the game was lost from the very moment the money first arrived in the Trojan wallet. How to prevent the fake device threat It's not easy to tell a fake cryptowallet from a real one without special knowledge and experience. The main safeguard is to buy your wallet directly from the official vendor and choose models with special versions of protected microcontrollers (even original Trezors aren't ideal in this sense: there are other brands' wallets with better protected chips and extra protection mechanisms). It should be remembered that even an authentic and unmodified wallet can be vulnerable to a number of threats. The priority measures include the use of a password (if supported by your wallet), and, of course, protection for all computers and smartphones. * bitcoin * blockchain * cryptocurrencies * cryptowallets * Ethereum * hardware wallets * scam * supply-chain attack * threats [protect-yo][protect-yo] Related Hot crypto wallet, cold crypto wallet: what are they, and how are they stolen from? Five types of attacks on hardware crypto wallets Four top tips for blockchain asset security Protecting crypto investments: four key steps to safety Understanding the mechanics of the darknet deepfake industry. * Read next How real is deepfake threat? Understanding the mechanics of the darknet deepfake industry. Understanding the mechanics of the darknet deepfake industry. * # Kaspersky Team * May 9, 2023 Tips * [chip] Tips Five types of attacks on hardware crypto wallets Hardware crypto wallets are effective at protecting your cryptocurrency, but they can still be stolen from. Let's address the risks their owners need to be protected from. * # Stan Kaminsky * April 20, 2023 * [chip] Tips Keeping kids safe: a new variation on an old theme What enhancements to Kaspersky Safe Kids will help parents better manage their kids' gadgets and screen time and encourage healthy digital habits? * # Kaspersky Team * April 19, 2023 * [chip] Tips Protecting crypto investments: four key steps to safety How to reliably protect your cryptocurrency given the numerous fraud schemes and lack of protection through government regulation. * # Kaspersky Team * April 12, 2023 * [chip] Tips Turbocharge your VPN How to set up modern VPN services to significantly speed up the connection and access new content securely. * # Stan Kaminsky * April 5, 2023 Sign up to receive our headlines in your inbox * Email Address* [ ] * * * + [ ] I agree to provide my email address to "AO Kaspersky Lab" to receive information about new posts on the site. I understand that I can withdraw this consent at any time via e-mail by clicking the "unsubscribe" link that I find at the bottom of any e-mail sent to me for the purposes mentioned above. [Sign me Up] Home Solutions * Kaspersky Standard * Kaspersky Plus * Kaspersky Premium * All Solutions Small Business Products 1-100 EMPLOYEES * Kaspersky Small Office Security * Kaspersky Endpoint Security Cloud * All Products Medium Business Products 101-999 EMPLOYEES * Kaspersky Endpoint Security Cloud * Kaspersky Endpoint Security for Business Select * Kaspersky Endpoint Security for Business Advanced * All Products Enterprise Solutions 1000 EMPLOYEES * Cybersecurity Services * Threat Management and Defense * Endpoint Security * Hybrid Cloud Security * All Solutions Copyright (c) 2023 AO Kaspersky Lab. All Rights Reserved. * Privacy Policy * Online Tracking Opt-Out Guide * Anti-Corruption Policy * License Agreement B2C * License Agreement B2B * Contact Us * About Us * Partners * Blog * Resource Center * Press Releases * Sitemap * Securelist * Threatpost * Eugene Personal Blog * Encyclopedia * * * * Global * Americas * Brasil * Mexico * United States * Africa * South Africa * Middle East * Middle East * lshrq l'wsT * Western Europe * Deutschland & Schweiz * Espana * France & Suisse * Italia & Svizzera * Nederland & Belgie * United Kingdom * Eastern Europe * Polska * Turkiye * Rossiia (Russia) * Kazakhstan * Asia & Pacific * Australia * India * Zhong Guo (China) * Ri Ben (Japan) * For all other countries * Global