Hacking Hardware Wallets 35c3

Yesterday there was a great and entertaining panel about attacking hardware wallets at the CCC. You can now watch the video here: https://media.ccc.de/v/35c3-9563-wallet_fail

They are demonstrating different attack vectors ranging from playing Snake on Nano Ledger, remote confirm transactions on the Ledger, extracting the pin and even seed words from a Trezor device.


Thanks for this. I still think the best way to maintain a secure account is through a totally airgapped device that has never and will never touch the internet. Looking forward to eventual support for offline wallet creation and transactions.

A hardware wallet is an “air-gabbed” device and to be fair all attacks require physical access to the device.

1 Like

I have to admit I haven’t used a my nano yet because it is yet to be supported but I have a question. Once I pair the nano to the wallet if someone gets my seed words and spending password for the wallet (but not the seed words to the nano) can they restore the wallet to another computer and bypass the nano entirely?

The point of a hardware wallet is that no one (even you) knows the private key. It can not leave the device by design (unless broken like the Tezor in the video). Transaction are handed to device, then signed with your private key and the signed transaction will leave the device.

A good explanation is in the above video at 18:53 min: https://youtu.be/Y1OBIGslgGM?t=1133 (it takes only one minute)

But if someone gets your seed words (he does not need your spending password - the spending password is a feature of the wallet not of the blockchain) you are lost. Of course he can restore the wallet to another computer. This has nothing to do with a hardware wallet, the blockchain does not care if you are using a hardware wallet, a paper wallet or Daedalus.


If you’re using a hardware wallet there are no seed words.

(Sorry @adatainment, just trying to clarify.)

I’m sorry Rob but you are wrong or mean something else. (private key)

Of course there are seed words, or how do you think a backup will work? :smile:

OK, I might be wrong, I’m just working from basic principles here. My thinking is that the seed words encode the private key, if you have the words you effectively have the key. But the point of using a hardware device is that the key is nowhere else, only on the device. So there can’t be a seed phrase. Backup/restore is wholly dependent on access to the device.

This is true. The key is derived from this seed and you have to enter them once or you can use the hardware wallet to generate it. (you are forced to write it down like in Daedalus)

This is also true and your backup of the words won’t change this fact. You need the words for backup if you device breaks, stops working, if ledger is bankrupt, the software fails, you want a second Nano Ledger etc.

It’s up to you to keep the words safe.

1 Like

OK, I was thinking only of Cardano seed phrase, missing the fact there’s one for the hardware device, sorry about that.

1 Like

Thank you :pray:t3: for sharing this …

1 Like

Hi thanks that’s what I thought and that is primarily why I want to create a wallet offline as malware may compromise the private key on creation.

That’s a good thought. Also know that a hardware wallet like Ledger creates your seed offline. And it stays offline. Like an offline PC you would need physical access to it, always.

Once you have physical access - I guess for most people a PC is much easier to compromise then a hardware wallet like the Ledger.


Thanks. My brother and I are working on a raspberry pi based wallet device that encrypts the SD card. The thought is you can make multiple copies of the SD card for security. We are also working on some tamper proofing ideas for the device itself. It will be open source, the thought is to give people the ability to build it themselves as security is one of the issues holding back adoption.

Many Ledgers are compromised strait from the manufacturer and I emailed them concerning this and they shrugged their shoulders and said, eh, reset it and you’ll be fine… great! NOT. It says when you get it to make your own seed words and if there are seed words already there it has been compromised… I bought mine strait from them and guess what? Yep.

Compromised in what way? Any source?

For now I think a hardware wallet is the safest way to store your cryptocurrency. The vulnerabilities so far need physical access to the device. To avoid a supply chain attack you could/should order the wallet directly from the manufacturer. Once you have a genuine hardware wallet don’t install third party software on the wallet. For example, this is possible with Ledger, Here is described how the seed (words) and backup works: https://en.wikipedia.org/wiki/Cryptocurrency_wallet

No, that would defeat the entire purpose. If anybody has your passphrase then they do not need your device. They can gain access to everything on that wallet by regenerating it on another device. Yes, the seed is the private key. No, that key is not embedded on your device. That key is just a means to unlock a private transfer message on the blockchain.
The beauty of a back up seed is you can lose your device but still regenerate it.


I purchased my Ledger strait from the company and it had been compromised and when I told them they literally shrugged it off and said reset it. Doesn’t sound very reassuring. All the pass phrases were already in it and the package had not been tampered with.

That very much sounds like a supply chain attack https://en.wikipedia.org/wiki/Supply_chain_attack Maybe ‘they’ phised your delivery out of your mailbox and modified it (but I think you have to sign for it). I think a ‘good’ attack would be to monitor the Ledger/Trezor factory and find out what exact postal location the new hardware wallets are stored overnight. And sneek in at night to modify them :frowning: As far as I know Ledger (and Trezor) are good companies. I read articles from hackers where they try to hack a harware wallet. But in all the cases so far the hacker needs to have physical access in order to insert the malicious hardware/software. I your case it looks like someone just preconfigured your device hoping you would use his configuration. He then could restore the backup phrase to his own device at any time and steel your coins. Good thing that you paid attention and did not fall for it.

1 Like