Radio antennae have long been known as the most original tool of networking technology. Recently, a group of researchers in Berlin demonstrated how the technology can be used as a hacking tool.
The hardware researchers carried out the study to identify various types of vulnerability in the hardware wallets used by cryptocurrency holders, including Trezor and Ledger. The demo was held at the Chaos Computer Club Conference, where Dmitry Nedospasov, a hardware hacker, reportedly said that he and his team were able to find three main vulnerabilities in the Ledger wallets.
The first area was the supply chain, the initial stage where the attacker gets access to the device before its owner gets it. The researchers also highlighted side-channel attacks, where the hacker attacks the hardware rather than the code, and glitch attacks, where the hacker attempts to disrupt the transmission of data within a device.
According to reports, the three collaborators were from Russia, the US, and Germany. For the investigation, they primarily used a Telegram group chat. The team exchanged 50,000 messages and 1,100 images to draw their conclusions or carry out the attacks to prove their respective points. During the presentation, Nedospasov said that it took them a really long time to reach a conclusion.
He also revealed that they used simple antennae in the two most striking attacks, which Ledger did not regard as alarming. Commenting on the findings, Nicolas Bacca, CTO at Ledger, said through a spokesperson that the scenarios as explained by the researchers do not hold ground and are most unlikely to happen. He further said that the company updates and implements firmware countermeasures to commit to the highest security measures of wallet integrity against hackers. The company has publicly opposed the claims of the research in one of its blog posts.
Josh Datko, owner of security consultancy Cryptotronix, also criticized the findings of the research and said that although it is easy to carry out supply chain attacks, they are really hard to perform at scale. Datko supported his point by saying that manufacturers seal the hardware box with a sticker to ensure that the seal is safe when it reaches the customer. A broken seal is a direct sign of tampering. There are many ways the maker tries to keep the consumer informed of any wrong transaction. For instance, the Ledger Nano S deploys an on-device function to safeguard users from any wrong transaction. Users of the device are required to verify each transaction, which helps to keep away wrongdoers or hackers. This allows the user to reject any suspicious transaction.
Datko, however, also noted that it is still possible to open a Ledger and download an internal receiver for tampering purposes. The antennae can, in fact, be used to authenticate a transaction automatically, without having to physically touch the device or hardware. Although the trick is not easy, hackers still have a way to crack into Ledger wallets.