Bitcoin Forum

I'm interested in knowing a little bit of information regarding the hacking vulnerabilities that online hardware wallet sellers are doing in the marketplace. It is natural to have good security as long as we use a hardware wallet to store some bitcoin. Can we find out the wallet has been manipulated by the seller by injecting a virus that is not detected by the user?

Check out this post https://bitcointalk.org/index.php?topic=5321850.0
Although it does not cover all the possibilities it gives you an idea of what can happen.

The biggest vulnerabilities are still user mistakes, if you don't pay attention no matter how secure your wallet is it will not matter, and deliberate attacks against someone.
If someone knows you have 2500BTC sitting somewhere you are a much bigger target then someone who only has 0.1BTC
 
-Dave

If you buy such devices directly from the manufacturer, then you reduce that risk to a minimum as you throw out intermediaries (resellers) from the supply chain. Yet there is still the possibility that someone may intercept the package, open it, and modify the firmware or hardware.

As for hardware integrity checking, what I do know is that Ledger (https://support.ledger.com/hc/en-us/articles/4404382029329-Check-hardware-integrity?support=true) has instructions for doing that, but also that this procedure means that the device can no longer be replaced in case of damage during the procedure. Also when installing the firmware Ledger checks to ensure the authenticity of the firmware as well as whether the device is genuine.

Apart from the possible modification of the hardware, the biggest danger is in the pre-configured devices, but because of that each device should be reset and re-initialized if we want to be completely safe.

Whatever hardware wallet you end up buying (if you do), just make sure you follow the official security documentation that tells you how to verify the software and hardware components of it.

But it is worrying that criminals have found ways to create identical devices with replacement chips (https://bitcointalk.org/index.php?topic=5344317.msg57398196#msg57398196) that contain fake firmware. You wouldn't notice a physical difference if you compared it to a genuine device. But such a fake device has to communicate with a fake software as well. If you connected it to Ledger Live to install an app for your coin, it wouldn't be able to connect to Ledger servers.

You can't find that if anything like that exist in code if hardware wallets are closed source like ledger or safepal, that can have dormant and hidden backdoor or malware for years before activation,
in similar way like fbi created and sold fake privacy phones.
It is important that you always order hardware wallets only from official website or from authorized reseller, and after that follow instructions to Check Integrity of Hardware Wallets (https://bitcointalk.org/index.php?topic=5351249.0).
Fake devices can be sent to people when leaked database exist, like in case with ledger, so scammers can modify device like it happened recently:
https://bitcointalk.org/index.php?topic=5344317.0

Just like you should always verify the authenticity of an open-source software wallet, you should do it for a hardware wallet too. You must never download a software wallet, even open-source, outside its official site unless you've verified the binaries. Even if you've downloaded from the official site, you ought to verify the signature using the public key of the creator in case the website is temporarily compromised. The exact same thing happens with the firmware of the hardware wallets.

For instance, @Pmalek describes how to verify the downloaded version of a Ledger Live: https://bitcointalk.org/index.php?topic=5355418.0

Just for your information, I haven't bought any wallet so far and only used electrum to store my bitcoin. My question above is a form of my doubts about the potential scams committed by online hardware wallet sellers in the marketplace. Even I don't know how to operate a wallet nowadays, so I think I should learn a lot about it.

I read somewhere online that bitcoin has high security features if the user can do the right practices to secure it. This means that the fault is not with the bitcoin, but on the users themselves who fail to secure their bitcoin with proper practices.

---

Resetting and reinstalling it, won't it break the functionality of the wallet itself, or won't it affect anything on the device and the device will return to factory settings?

---

I will buy it in the future, but I really have to learn it from now on. To verify, I hope I can find the correct toturial later.

---

That's a clear example of why I asked about potential online seller scams. Buying it from the official site would be the core solution to clear my doubts.

---

Thanks for reminding me, I'll start learning little by little before buying it.


Sorry I don't have anything to share with you for a helpful answer. But I see someone has given you enough for that. Thank you The Pharmacist.

You almost eliminate them if you buy a hardware wallet. Basically, the folks who use non-custodial wallets such as electrum (https://electrum.org/#home) have a background behind this technology or have learnt the dangers when you, own, yourself Bitcoin[1]. Indeed, we must be aware of keyloggers, viruses or any other malicious application that may gain access to our private keys. Especially if the device isn't air gapped.

---

Good for you that you aren't buying before you understand how it works. Few do it. Once you download some softwares such as Bitcoin Core (https://bitcoincore.org/) which is a bitcoin client (you're running a node (https://learnmeabitcoin.com/beginners/nodes)), or Electrum that I mentioned above, you'll feel more familiar.

[1] Apparently, saying that you own bitcoins isn't sufficient anymore. It could bring confusion if you hold them into an exchange. Saying you own yourself may be clearer.  :P

That's exactly right. The Bitcoin protocol does exactly what it's supposed to do. It's the end user who makes mistakes and then blames it on the coin, wallet, exchange, etc. When people suffer financial losses they call the features that bitcoin possesses weaknesses. But irreversibility is not a weakness. Those who are used to traditional banking don't understand that once your transaction is confirmed, that's it. There is no customer support to turn to to fix it or say you were hacked.

If you send coins to the wrong address - Bitcoin worked as advertised, it was you who made a mistake.
If you don't backup your seed properly or at all and you lose access to your coins - Bitcoin still functions the way it's supposed to. You just didn't do what was necessary to protect what you have.   
If you overpay the transaction fees by 500% - Bitcoin didn't scam. It did what you wanted it to do. 

No, that just wipes the device clean and resets it to the state it was in when you first bought it. You can use multiple seed phrases with the same device if you wanted to. But it would be tiring having to recover different wallets from seed if you do that often.

A getting started guide would either come with the package or it will point you towards the correct link where you can read more about it.

Please do not purchase second-hand or used hardware wallets. It is possible for someone to modify the wallet physically that might not be immediately evident. Most hardware wallets are sealed and sold in tamper-proof bag and for a very good reason. It is possible for someone to fabricate something that could communicate in the same manner and be functionally the same, might be a bit difficult but it can still be possible.

Factory-reseting the device merely wipes the device but might not be sufficient to guarantee security. Considered it compromised if the tamper-proof bag(if any) has been tampered with. There isn't a very easy way to validate the authenticity of the wallet without cracking it open to inspect the PCBs and validate the firmware either.

Your wallets, if it is unmodified, are designed to only accept updates signed by the manufacturer. Assuming your device is guaranteed to not be tampered with and the signers are not compromised, then you should be fairly safe. I'll probably load up an update to make sure. There were cases of some lame social engineering techniques which tricked the user into using keys that were generated by the previous users. Just be aware of that.

As Pmalek has said, resetting the device will simply wipe your data from it - it won't break the device. Note, however, that it does not necessarily reset it to "factory settings" or guarantee your safety. If an attacker has pre-initialized the device and set up a malicious seed phrase, then yes, resetting the device will wipe that and let you initialize it again from scratch. If, however, an attacker has been successful in swapping out some of the hardware or flashing their own malicious firmware, then resetting it will likely achieve nothing. The better thing to do is to update the device with firmware you have downloaded and verified.

dkbit98 shared a video a little while ago in this post (https://bitcointalk.org/index.php?topic=5344317.msg57398196#msg57398196) which shows someone replacing the chip in a hardware wallet with an identical looking chip which mounts itself as external storage with malware designed to steal seed phrases. You still have to be pretty naive to fall for it (since it involves running software and entering your seed phrase), but physically inspecting the hardware is not a completely reliable method.

Ahh thanks! That's quite interesting indeed.

I wasn't aware of this for Ledger. To be fair, any process that requires you to open up your hardware wallet to inspect already compromises the integrity of it so i wouldn't recommend it regardless. I'm wondering if ColdCard's boot check with the LEDs can prevent scenarios like these.

My understanding of the ColdCard boot check (and please correct me if I'm wrong), is that the checksum is verified on the secure element itself, and the secure element controls the red/green LEDs directly. Given that, could an attacker not replace some hardware which would feed a fake checksum to the secure element for verification? Or they could simply decouple the LEDs from the secure element altogether?

As bitcoin gets more valuable and more popular, I'm sure we will start to see more and more advanced attacks.

There is no way to return hardware wallet to exact factory settings, and chip memory could in theory still hold some of your old seed words.
If you want to be totally sure that there are no leftovers in your hardware wallet device you should first do a reset and then used good old tool called hammer and smash your device to pieces.
100% guaranteed nobody will be able to extract anything after this.

I don't think any boot check can prevent this but Coldcard now adds epoxy glue to it's components inside, so it's harder for anyone to replace chips.
Scammers can always try to do it or build their own cloned device with their components that also has epoxy, but this operation won't be cheap  :)

Years ago, there was a company (nothing crypto related) that tried something years ago for tamer proofing security electronics like this.

It was a blob of one type of epoxy blob over the component, a piece of metal on top of it, then another different type of epoxy on top of that and on top a different piece of metal.

The theory was that with all the different characteristics of the metals & epoxy getting it off would do so much damage that tampering would be obvious. Didn't work. Just took longer to get it apart.

Which is why you need to secure your hardware wallet and know where it is all the time. A lot of people forget this rule. Because if a bad person has access to it for 5 minutes you are in a lot less trouble then if they have it for 5 weeks and you don't even notice.

-Dave




 

You can't feed a fake checksum, the pairing secret is also hashed and cross checked by the secure element.

I agree with both your assessment though. It isn't impossible to fool the users using methods like these which is also why most hardware wallets are either shipping with tamper evident bags or seals at the very least. Acquiring a second hand device just means that the user would be completely bypassing it.

Seriously, I almost peed my pants when I read your best advice for getting 100% security out of a hardware wallet. LOL

---

Your answer made me understand the steps better, it helped me enough to understand it quickly. Sorry that I'm still fairly new here to be still pretty dumb at understanding hardware wallets and how to deal with vulnerabilities to their security.

I'm glad to see all of you coming to this thread to help me understand vulnerabilities to fraudulent attempts by online hardware wallet sellers and how I can deal with them. In essence I can understand that there are always vulnerabilities to the security of our bitcoins even if we store them in a hardware wallet if we can't verify the authenticity and security of the over-the-counter devices online. The only way to avoid seller manipulation is to buy it from the official site, and that's the conclusion.

I will be glad if you all come back on another occasion in my other thread to answer and improve my knowledge about bitcoin, thank you all.

I partially agree. Buying from the official site should be a bit safer. Although I don't think any official resellers are malicious and would attempt to modify the devices they receive. Anyways, it all boils down to trust. Do you trust those who manufacture the wallet, and if you do, do you also trust that they selected good partners to be their resellers, or you don't.

Whether or not to buy from the official site also depends on your location. Trezor is from the Czech Republic, so I assume they ship all their devices from there as well. If you are in Vietnam, Canada, UAE, or some other distant location, you might save some money on shipping by buying from a local reseller who might be just around the corner rather than shipping your product from a different continent. Some might say you shouldn't save money on security, but I still thin it's a valid point. 

It's not so much that the company themselves are malicious, but rather that it adds in many more people who will handle your device before you receive it. If you buy directly from the manufacturer, then it gets wrapped up and shipped by the manufacturer, and provided no one en route opens your package, then the only other person to touch it is you. If you buy from a reseller, it goes from manufacturer to reseller, the reseller needs to unload them all from the truck, unpack the boxes they came in, process them through their inventory system, potentially package them back up for distribution to individual stores or reshipping locations (in which case you can repeat all the previous steps again), then either go on display in a store or get packaged for shipment to you. That's a lot of extra people in the supply chain. Sure, the reselling company may be entirely legit, but are you confident about every single one of those additional people they employ?

And then, the only advantage you really get is that in case customer data is leaked again, there's no way anyone would know yu specifically bought a HW from these resellers. Saving yourself from both situations of data leaks and intermediaries is so easy to do: order on a fake name at a PO box and there you go. Now you got a product coming straight from the manufacturer with no risks of your personal data leaking out. I think it's more efficient than going through resellers and so.

I would go a step further and say that someone could replicate a HW wallet, but use entirely different equipment and firmware. A reseller could purchase their own tamper-proofevident bags/seals to make it appear the HW wallet came from the stated manufacturer. The fake HW wallet may look very similar to HW wallets produced by the claimed manufacturer and may interact with wallet software the same way.

An attacker would not need to fake the checksum. An adversary could simply produce a device that looks for a different checksum.

This can also happen if your purchase hardware wallets from the official manufacturers. The chances are lower but all it takes is 1 or 2 rogue employees. The same kind of rogue employees that leaked or backdoored the databases of Ledger and Shopify and created a lot of mess because of it. I agree with you and o_e_l_e_o though. The more people that are in contact with the device, the bigger the chance that something bad can happen. Rogue employees are a serious threat model. I think we don't understand how big.

I have never understood people's faith in tamper-proof sticks, seals, bags, boxes, or whatever. These are incredibly easy to fake. Hell, I can go on Amazon and buy 500 generic tamper proof stickers for 20 bucks. There are hundreds of companies which will create custom designs for you for not that much more. And if an attacker is sophisticated enough to either replace a chip inside a hardware wallet or build a fake replica from scratch, why would they not be sophisticated enough to fake a tiny sticker?

Unless you have a build-it-yourself hardware wallet with open source hardware and open source firmware running open source software on your attached computer, then the risk will never be zero, regardless of how many checks and verifications the wallet goes through. It's part of the reason I'm moving more and more towards encrypted cold storage devices instead as time goes on.

There mere presence of a tamper-evident seal means very little. The presence of a tamper-evident seal provides more value when the person checking for the seal is familiar with the seal, what it should look like unbroken, and what it should look like broken. They provide additional value when there is a serial number on the seal that needs to match some kind of log that was received separately.

There is less security added when someone is receiving an item on a one-time basis that has a tamper-evident seal. As you noted, these can be faked, I don't think it is as trivial as you say, but it is probably not terribly difficult for a sophisticated attacker. I would say that using a security sticker is probably better than not using one, and I don't think there is much more that can be done to ensure the HW wallet is not tampered with.

Sure, but as you say, almost everyone buying a hardware wallet is going to be unfamiliar with the exact design of the seal being used. Any documents put inside the box showing what the seal should look like or linking to a webpage showing what the seal should look like can also be manipulated by an attacker.

This is a good idea. Are there any hardware wallet providers which do this? Although it still doesn't stop an attacker who can print their own tamper proof seals from intercepting your package, manipulating your hardware wallet, and then immediately printing and attaching an identical seal.

I don't think so. I was describing a common practice that some banks use when shipping cash.

I don't think it is trivial to print or print on a tamper-evident seal. Although as I previously posted, it is probably not difficult to procure a tamper-evident seal that looks a particular way. This means the attacker would need to have the specific serial number in advance or order a particular serial number seal after he obtains possession of the HW wallet.

The advantage of using a serial number seal is that an attacker will need to take additional time to forge the seal. The delay should set off red flags to the end-user.

*I also specifically use the term "tamper-evident" not "tamper-proof" as these types of devices cannot guarantee they have not been tampered with, and it is possible to defeat the device.

You are saying ..."sold online in the market" ..so I presume that you are referring to second hand hardware wallets? The new hardware wallets that you buy directly from the hardware manufacturer are safe, but you have to check if the hardware wallet was tampered with in transit to you.

The second hand hardware wallets that are being sold online (as new) should NEVER be trusted, because the previous owner had access to the Seed and can easily monitor the wallet to see if coins are being stored on it and then he/she can use that Seed to steal those coins from you... (common scam)

They seal the package as if it was sealed at the manufacturer, so you will think that it is new. They will say something like.. "Won in a raffle, brand new"... etc.. etc.  >:(

You should never trust a hardware wallet that is shipped to you with an already pre-configured seed no matter where it comes from. If that is the case, the wallet should be reset to factory settings and you have to create a new seed. Unless the hardware was also manipulated and you are tricked into using a fake phishing software, that device shouldn't be able to connect to genuine Ledger/Trezor software, for example.   

I doubt I would trust any "second hand" hardware wallet... configured with a seed or not. Unless you're willing to crack it open and inspect the hardware (and there are sources available to indicate whether it has been tampered with) and you can reflash the entire firmware, one could never be sure exactly whether or not the unit had been modified in some way.

I think i'd be approaching Jerry levels of paranoia if I purchased a 2nd hand hardware wallet! :D

You can try, but he is still in a separate category that hardly anyone can achieve - although I would not call it just paranoia, there is much more to it...

---

Define safe? It doesn't have to be that someone in the supply chain was naughty, the device can be messed up even in the company's factory or warehouse. In addition, it is not realistic to expect users to open devices and check hardware without doing even more damage, not to mention that this procedure voids the warranty. I think it has become a bit naive today to keep all the eggs in the same basket, referring to the fact that one should not trust one producer unreservedly regardless of reputation.

What to say with those who want to save a few $ and buy a used HW or a new one from the black market and then fall for the cheap trick of pre-generated seed? Unfortunately, nothing can save them from their own stupidity, their loss is someone's gain, cruel but true.

Non wallet but...Years ago, we used to receive security dongles that were vacuum packed with custom plastic with a serial number. Inside there was a dongle and a scratch off card. The card had 3 numbers on it.
#1 was the serial number of the bag

#2 was was a code that had to be entered to activate the dongle. Once that code was entered in the dongle it never needed it again so you knew if someone got it and activated it.

#3 was one you could enter online that would then display a 6 digit number there were some button pushes you would do on the dongle and if it was not tampered with should display that same number.

No idea how secure it really was, but it did give you that warm feeling that they were trying.

-Dave