private key stealers embedded into android, ios, OSX and Windows also hardware

[jubalix]

At this point is it realistic to assume that any large closed OS has code to try and get your private keys?

The way I look a it is this.

[1] Some person working at mega corp x, is a very skilled programmer, but for various reasons is not paid well and is not treated well. I imagine this goes in the 1000's of people at this level if not 100,000's

They decide to embed some code in a very hard to detect way that looks around for private keys especially at generation point and send them back to themselves.


[2] On the hardware a similar thing.


The upshot being you can only trust air gapped computers and transfer signed transactions by qr code.

Would you feel safe with a linux distro and not air gapped?

[1715691302]

1715691302

[1715691302]

1715691302

[pereira4]

It's only sane to assume that Windows, IOS and so on are all compromised. After Windows 7 it got increasingly stupid with the amount of "telemetry" that Windows 10 tracks.

As far as an employee being feed up and attempting to sniff packets to get private keys, it's perfectly possible. I wish I could look at the code of Windows 10, it's probably a gargantuan mess. It's a decades old software, I doubt that they start from scratch. It must be the typical software that still has bits from older versions. Over time the code accumulates so much crap that it becomes unreadable. I would assume that they hire people to clean it but still, it must be huge enough to drop malware in there. However the risk is so high, they must keep track of who is adding what. Would you risk a position in Microsoft for this? The code to pull this would probably be complex enough to stand out... honestly I have no idea if this can be pulled.

In any case, it's just dumb to use closed source software for anything Bitcoin.

Hardware wallets could have compromised RNGs. And the Trezor software in Windows has been caught "phoning home" before through trezord.exe...

Air gapping with non compromised hardware it's still the ideal setup.

[figmentofmyass]

The upshot being you can only trust air gapped computers and transfer signed transactions by qr code.

this is my default position. i only sign transactions offline on an airgapped machine. how vulnerable do you think this setup is when using USB thumb drives instead of QR code?

Hardware wallets could have compromised RNGs. And the Trezor software in Windows has been caught "phoning home" before through trezord.exe...

supply chain attacks and, frankly, yet unknown attack vectors are enough to make me avoid hardware wallets. https://twitter.com/peterktodd/status/1126182358246481920

[Chris!]

supply chain attacks and, frankly, yet unknown attack vectors are enough to make me avoid hardware wallets. https://twitter.com/peterktodd/status/1126182358246481920

Here here! There are always vulnerabilities coming to light and it would be easy for these smaller companies to pull off a supply chain attack.


If I'm using a hot wallet on a device it's either for a quick transaction or a small amount that I could afford to lose. Everything else is in a paper wallet generated on an air-gapped system.

[Pmalek]

But why just Bitcoin and private keys? If there are such individuals why would they not go after your credit cards, bank accounts, Paypal and other payment systems?
One reason could be that the crypto market is unregulated, it is much harder to investigate and prove theft by the authorities, if they want to do it at all, depending on the country where the affected parties are from. 

[PrimeNumber7]

They decide to embed some code in a very hard to detect way that looks around for private keys especially at generation point and send them back to themselves.

Sending data to a third party should always be fairly easy to detect in code, and I don't think this would ever make it into production.

It would be more likely that a dev were to mess around with the RNG used to generate private keys, which would make the scope of possible private keys small enough to brute force, but large enough so that it is unlikely to be a collusion of addresses when private keys are generated at a "normal" rate expected by those using crypto not as a business, such as 10-20 addresses/month.

The above would not be prevented by using an air-gaped computer that is using the flawed RNG.

These operating systems have a very extensive QA process, and I don't think the above would ever make its way into production in any way.

The devs that write code for the OSs referenced in the OP are making well into 6 figures and are paid well by any reasonable standards.

[adaseb]

this is my default position. i only sign transactions offline on an airgapped machine. how vulnerable do you think this setup is when using USB thumb drives instead of QR code?

I used to use thumb drives to sign transactions back to the online computer but then got a little paranoid after reading some article that its possible to get some virus that can re-program the USB Bios (or whatever that part of the USB flash drive is)  and it can steal private keys when connected to the offline computer and when it gets back on the online computer it will send it to the hackers server. This seemed very rare but I decided to use QR code instead with air gapped digital camera's going back and forth.

[Wind_FURY]

OP, or megacorp's OS are secretly backdoored.

I would feel safer with Linux + hardware wallet.

But why just Bitcoin and private keys? If there are such individuals why would they not go after your credit cards, bank accounts, Paypal and other payment systems?

One reason could be that the crypto market is unregulated, it is much harder to investigate and prove theft by the authorities, if they want to do it at all, depending on the country where the affected parties are from.  

No. Bitcoin and cryptocurrencies are easier to move/keep, easier to mix/tumble, and easier to convert/exchange for fiat.

Credit cards, bank accounts, Paypal information are only good to sell in dark markets for Bitcoins.

[7788bitcoin]

At this point is it realistic to assume that any large closed OS has code to try and get your private keys?
The upshot being you can only trust air gapped computers and transfer signed transactions by qr code.
Would you feel safe with a linux distro and not air gapped?

If any legit company is adding any backdoor to steal something, hope you remember the consequence and fines they will be attracting and possible close down of the company, you do not need to be paranoid to this level, if you are downloading the software from legit sources then there is nothing to worry, so make sure you do not download from make shift sources on the internet if you are paranoid about any back doors.

[bitmover]

The upshot being you can only trust air gapped computers and transfer signed transactions by qr code.

Would you feel safe with a linux distro and not air gapped?

The problem with that approach is that it is more complex and there are a many vulnerabilities that can pop up if the  computer is not properly airgapped. And there are many reports of newbies losing funds using paper wallets.

For an average user it is much safer to just use a hardwallet in a common daily computer.
You can use a ledger nano in an infected computer. There is just a single step, which is to note down the seed and plug the device and you are 99% safe (unless a hacker have a physical access to your device.)

[fortunecrypto]

At this point is it realistic to assume that any large closed OS has code to try and get your private keys?

The way I look a it is this.

[1] Some person working at mega corp x, is a very skilled programmer, but for various reasons is not paid well and is not treated well. I imagine this goes in the 1000's of people at this level if not 100,000's

They decide to embed some code in a very hard to detect way that looks around for private keys especially at generation point and send them back to themselves.


[2] On the hardware a similar thing.


The upshot being you can only trust air gapped computers and transfer signed transactions by qr code.

Would you feel safe with a linux distro and not air gapped?

You mean any antivirus cannot detect that code, then we are all in trouble and whoever will do this will become filthy rich and people are going to question the safety of this software, so far it hasn't happened, but as a cryptocurrency holder we must good at keeping our surrounding safe from hackers and keeping your private keys.

[legendster]

You mean any antivirus cannot detect that code, then we are all in trouble and whoever will do this will become filthy rich and people are going to question the safety of this software, so far it hasn't happened, but as a cryptocurrency holder we must good at keeping our surrounding safe from hackers and keeping your private keys.

Let me give you a recent example.
https://www.express.co.uk/life-style/science-technology/1143651/Android-warning-malware-Google-Play-Store-security-June-23

Basically, these apps read the notifications that popped up. This is a security loophole that can be only detected if someone manually reviewed the code which is how these came to light.
There is no way an antivirus would know to detect these because reading notifications does not fall under the classification of a 'suspicious' activity.

It is highly unlikely that the average user would have the presence of mind and alertness to be one step ahead of the hackers. The term implies someone doing whatever it takes to achieve a target, this doesn't necessarily mean they'd break the rules. They can simply find loopholes.

[PrimeNumber7]

Hardware wallets could have compromised RNGs.

It would be more likely that a dev were to mess around with the RNG used to generate private keys, which would make the scope of possible private keys small enough to brute force, but large enough so that it is unlikely to be a collusion of addresses when private keys are generated at a "normal" rate expected by those using crypto not as a business, such as 10-20 addresses/month.

I agree, additionally bug/backdoor within RNG, PRNG, CSPRNG, etc. is difficult to nice even if the source code is available.
For example, bug in SecureRandom() implementation for Android in 2013. See https://bitcoin.org/en/alert/2013-08-11-android, https://crypto.stackexchange.com/q/9694 & https://www.mail-archive.com/bitcoin-dev@lists.linuxfoundation.org/msg06929.html

This is a problem, but I don't think it was something intentional as the OP's attack vector was an unpaid dev is intentionally inserting flaws into the OS to obtain keys. The amount of money involved when the android OS was being developed was a small fraction of the money in crypto today, and the amount of coin stored in android devices probably wasn't much more than a few hundred thousand dollars given the small number of physical merchants accepting bitcoin at the time.

[dothebeats]

But why just Bitcoin and private keys? If there are such individuals why would they not go after your credit cards, bank accounts, Paypal and other payment systems?

Easier to get off of the watchful eyes of the government and less likely to get nabbed for stealing such sensitive data. not unless a scandal was created and the whole thing was escalated into the media causing some serious discussions from the rest of the community.

--

I'd always like to think that whatever I'm using, I do not own wholly even if I paid for it in full. I can reverse engineer it, but the intricacies, especially the backdoors--that I know nothing about, and would bite me in the neck if I get careless with it. For that very reason, to avoid data uploads and such from my device, I have two separate machines for the sole purpose of storing sensitive information--primarily crypto and financial-related things. I have never been compromised, or should I say I have never lost coins with what I'm doing since early 2015 and hopefully I don't get to be a part of the statistic wherein people just magically lose their bitcoins in an instant due to a backdoor/hacker/malware etc.

If any legit company is adding any backdoor to steal something, hope you remember the consequence and fines they will be attracting and possible close down of the company, you do not need to be paranoid to this level, if you are downloading the software from legit sources then there is nothing to worry, so make sure you do not download from make shift sources on the internet if you are paranoid about any back doors.

Uhh, just no. I would still be paranoid even if I'm using a secure service and downloading from a secure site. Hackers can inject malware even on secure sites without the admin knowing about the said injection, and this has been done countless of times even on trusted servers where security is almost impossible to bypass. Fines are only fines; what I lose, I possibly won't get back once these guys get jail time.

Oh, I might add that there are some custom ROMs on Android wherein developers have injected malware to snoop on crypto wallets and/or hijack clipboards. I advice to avoid the use of such ROMs and only stick to the official OS your phone manufacturer provided you. I myself was a ROM hopper and have been using several custom ROMs to make my phone better, only to read news regarding people losing money off of their bank accounts for no reason and clipboards returning different addresses when sending money to someone else.

[Abdussamad]

The upshot being you can only trust air gapped computers and transfer signed transactions by qr code.

You can reveal the private key as part of the signature in a way that only the attacker can calculate. You can do this gradually  over many transactions. So airgapping doesn't stop malware in the offline system from stealing your keys.

[adaseb]

The upshot being you can only trust air gapped computers and transfer signed transactions by qr code.

You can reveal the private key as part of the signature in a way that only the attacker can calculate. You can do this gradually  over many transactions. So airgapping doesn't stop malware in the offline system from stealing your keys.

Can you provide more detail on this. I am confused what you are saying.

I don't think its possible to generate a private key from a signature or a signed transaction, even if there are hundreds of them. If it was that easy then exchanges wouldn't re-use the same BTC address with over 50K transactions.

Also if the airgapped offline machine has malware, how can that malware reveal the private key if its never connected to the internet. It would need to be some malware that runs together with the online computer but that seems too complicated to even work.

[crwth]

The programmers can do that, and they are probably going to jail, or they leave the so-called mega corp x, as you say, and go to another job and lead another way. I'm not sure how companies like that, who develop those kinds of software, could manage to get away with injecting a code like that. There's a reason why there are contracts to be signed by developers and programmers. I don't know about you, but that would violate agreements.

How would you know that you are safe when there are ways to get them still? Stealing the hardware would be the surest thing for one person to get your funds when it's hardware and air-gapped computers. It can even be done, but you will never know. I'm still skeptical.

[Welsh]

You mean any antivirus cannot detect that code, then we are all in trouble and whoever will do this will become filthy rich and people are going to question the safety of this software, so far it hasn't happened, but as a cryptocurrency holder we must good at keeping our surrounding safe from hackers and keeping your private keys.

Anti viruses only detect known code. Look at the antivirus as a database of all known malicious code, and they will pick that up. They also have a way of detecting possible malicious code, because of the way malicious code is written most of the time which can result in a lot of false positives. Anti viruses do not protect you against unknown code which isn't within its database. This has always been the case, and nothing is new here. This is why Linux is considered a better choice currently due to the way its built, and the fact that the majority of people are running a Windows based operating system so they're the better target for malicious codes.

This is why a lot of experienced users don't use anti viruses at all. Although, despite them running in the background, and marginally slowing down the computer its probably worth the trade off just in case you have a lapse in your security. There are ways of protecting from malicious code right down to the browser security level. For example, blocking code via the NoScript Suite addon will greatly increase your security. However, you're still relying on the security level of that addon which could potentially be compromised.

There are other things that you can do, however each time you are increasing your security level you're also likely decreasing the usability of your computer, especially on the browser side. The more restrictions you put on browsing the internet for example, the less websites you'll be able to access, and display correctly. There are trade offs when it comes to security, although I would much rather a secure machine, but then again I wouldn't store any Bitcoin on my live computer.

[The Sceptical Chymist]

It's a decades old software, I doubt that they start from scratch. It must be the typical software that still has bits from older versions. Over time the code accumulates so much crap that it becomes unreadable. I would assume that they hire people to clean it but still, it must be huge enough to drop malware in there.

Sounds like hoping a fast-food worker doesn't piss in your McShake or something.  I would hope a mega corporation like Microsoft would have some sort of safeguards against a key-stealing code being inserted into their software, but I have to plead ignorance as to how coding is done and what kind of quality control these companies have.  It certainly is paranoia fuel, though.

So airgapping doesn't stop malware in the offline system from stealing your keys.

Nothing's safe, then?  I don't know, maybe my level of paranoia isn't high enough, but has there been evidence of malware being inserted onto a device and crypto actually being stolen?  I haven't read anything like that before.  I've no doubt it could happen, but it doesn't seem to have...yet.