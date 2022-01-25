In early 2018, Dan Reich and a friend decided to spend $50,000 worth of Bitcoin on a batch of Theta tokens, which at the time was a new cryptocurrency worth only 21 cents each. At first, they held the tokens on a China-based exchange.





But a few weeks later, the government of the country decided to go after these platforms (something that often happens there) and to avoid losing access to their money they made a transfer of their coins to a hardware wallet or physical cryptocurrency wallet. Reich and his friend chose a Trezor One hardware wallet, they set up a PIN and forgot about it.

only 16 tries





At the end of that year, the token had sunk to less than a quarter of its value, had risen again and then sank again. Reich decided that he wanted to charge, but his friend had lost the paper where he had written the PIN and could not remember that code. They tried to guess what they thought was a four-digit PIN (it was actually five), but after each failed attempt, the wallet doubled the waiting time before they could guess it again.

All this knowing that after 16 attempts the wallet data was automatically deleted. When they reached a dozen attempts they decided to call it quits. But the price of those coins went up again and a lot. From a low of around $12,000, the value of his cryptocurrencies began to skyrocket. At the end of 2020 they were worth more than $400,000, rising briefly to more than $3 million.

It was hard to get into the wallet without the PIN, but it wasn’t impossible. They searched the internet alternatives until they found a talk at a 2018 conference of three hardware experts talking about a way to access a Trezor wallet key without knowing the PIN. The engineers refused to help them, but at least they knew there were alternatives.

Then they found a financier in Switzerland who claimed to have partners in France who could crack the wallet in a lab. But there was a catch: Reich could not know their names or go to the laboratory. He would have to hand over his portfolio to the financier in Switzerland, who would take it to his French partners. It was an idea with many risks (they could be scammers and steal everything, for example).

Finally, they decided to accept it, and when they were going to come to Europe they ran into the pandemic. The plan slowed down and they finally found an American hacker named Joe Grand

Enter Joe Grand

Grand is an electrical engineer and inventor who has been hacking hardware since he was 10 years old, according to himself. In his story, among other things, he testified before the US Senate about a vulnerability that could be used to bring down the Internet or allow an intelligence agency to spy on traffic. Today, he teaches hardware hacking classes to organizations and companies that design complex systems and want to understand how hackers can attack their products. Reich talked to him and trusted his abilities.

Grand decided to buy several wallets identical to the one Reich and his friend had and installed the same version of firmware on them.

then it happened three months investigating and attacking their portfolios with various techniques. They agreed that Reich would not go to the city of Grand with his wallet until Grand managed to crack three wallets with the same technique.

Grand drew on previous research: In 2017, a 15 year old hardware hacker in the UK named Saleem Rashid had developed a method to successfully unlock a Trezor wallet belonging to a tech journalist and helped him release $30,000 worth of Bitcoin.

Idea del crackeo





Rashid found that when the Trezor wallet was powered on, it made a copy of the PIN and key, which were stored in the wallet’s flash memory, and placed the copy in RAM. A vulnerability in the wallet allowed him to put it into firmware update mode and install his own unauthorized code on the device, which allowed him to read the PIN and key in RAM.

But installing your code caused the PIN and key stored in long-term flash memory to be erased, leaving only the copy in RAM. For Grand there was a risk: if you inadvertently cleared the RAM before you could read the data, the key would be unrecoverable.

Grand then decided to fall back on the method used in the 2018 conference talk that Reich had also previously examined. In this case, the researchers found that despite Trezor removing the PIN and key that were copied to RAM during startup, PIN and password appeared in RAM during another stage. They discovered that at some point during firmware update mode, the PIN and key were temporarily moved to RAM – to prevent the new firmware from writing over the PIN and key – and then moved back to flash once once the firmware is installed.

So they came up with a technique called “wallet.fail”. This attack used a fault injection method, known as glitching, to undermine the security that protects RAM and allow them to read the PIN and key when briefly in RAM.

There are three levels of security available for the microcontroller used in Trezor wallets: RDP2, the most secure, which does not allow reading the RAM, and RDP1 and RDP0, which do allow it. By performing a fault injection attack against the chip -which affects the voltage going to the microcontroller- the wallet.fail team discovered that it could downgrade security from RDP2 to RDP1. They were then able to force the wallet into firmware update mode, sending the PIN and key to RAM, and read them.

It was similar to Rashid’s attack, except fault injection allowed them to access RAM without exploiting the code. The technique was great for a research project, but risky for real life, according to information from the protagonists of this story.

If something was done wrong, Grand could inadvertently wipe the RAM, along with the key and PIN.

While trying to fix the problem, Grand came up with a better solution. He found that in the version of firmware installed on Reich’s wallet, the key and PIN were still copied to RAM when the device was powered on. If Grand glitched the device at the right time, it could lower the security to RDP1 and read the RAM. And since the key and PIN were only copied to RAM at the time and not moved, unlike the wallet.fail scenario, this meant that they continued to exist in flash memory if Grand inadvertently cleared the RAM. It was a much safer solution.

Glitching required thousands of attempts





The only problem was that glitching required thousands of attempts: Turning on the wallet repeatedly and using different parameters to affect the microcontroller’s voltage each time, in an attempt to find the exact moment that would allow him to lower the security of the microcontroller. It took between three and four hours and there was no guarantee that it would work in Reich’s wallet.

When it came time to do the actual hack last May, Reich flew to Portland for two days. They spent the first day preparing everything –they filmed the hack with professional equipment– and the next day, Grand carried out his action.

They had to wait more than three and a half hours. until the hack came to an end and the five-digit PIN and key appeared on Grand’s screen.

He immediately took the Theta tokens out of his account and sent a percentage to Grand for his services.

At that time, the amount of money in the hardware amounted to 2 million dollars at the exchange rate. Since last May, Grand has received requests from other people who have lost access to their funds and who need the key to decrypt their wallets. Yes indeed, Trezor has already fixed part of the problem that Grand exploited in later versions of its firmware.

VIA | TheVerge