Security Experts Discover New Method Hackers Use to Steal Hardware Wallet Private Keys

Security researchers have unveiled new tactics hackers employ to steal people's Bitcoin hardware wallet seed phrase.

Through a method tagged Dark Skippy," hackers can use malicious firmware to embed modified signatures into public Bitcoin transactions.These modified signatures can help the attacker to extract a person's private keys.

Hackers Discover New Ways to Steal Wallet Seed Phrases

Hackers and criminals keep evolving as crypto and blockchain technology advances, finding new ways to steal user funds.

On August 5, researchers Nick Farrow, Lloyd Founier, and Robin Linus disclosed how hackers extract hardware wallet seed phrases to steal a person's assets.

Today we disclose Dark Skippy - a powerful new method for a malicious signing device to leak secret keys.

With a modified signing function, a device can efficiently and covertly exfiltrate a master secret seed by embedding it within transaction signatures. pic.twitter.com/dY543hChfM

- nick (@utxoclub) August 5, 2024

Farrow and Fournier are cofounders of Frostsnap, a hardware wallet manufacturer. Linus is the co-developer of Bitcoin protocols BitVM and ZeroSync.

According to their disclosure report, no hardware wallet model is immune to this vulnerability. However, the attacker can only infiltrate the wallet if they trick the victim into downloading the malware.

Dark Skippy is an improved version of a previous trick: nonce grinding, a slower method requiring victims to post multiple transactions on the blockchain.

However, a Dark Skippy attack can occur even if the victim signs just two transactions. Also, the attack can occur even if the user uses a separate device to generate the seed phrase.

According to the report, when hackers corrupt a hardware device's firmware, they can use low entropy secret nonces to embed dozens of seed words into transaction signatures.

When the signatures get posted on the blockchain during transaction confirmation, the hackers can scan, locate, and record them.

However, the signatures created by introducing the malicious firmware contain public nonces, which are not parts of the seed phrase. To compute and generate the secret key, the attacker must input these public nonces into Pollard's kangaroo algorithm.

Introduced by a mathematician, John M. Pollard, Pollard's kangaroo algorithm, also called Pollard's lamba algorithm, is used to solve discrete logarithm problems.

The researchers revealed that hackers can get a user's complete seed phrase through this method. The method doesn't require dozens of transaction signatures; only two from the compromised wallet device is enough. Moreover, using a separate device to generate the seed phrase does not limit this method.

Mitigating the Risks of Losing Funds to Dark Skippy Attacks

The researchers described Dark Skippy as a new, improved way of exploiting an existing hardware wallet vulnerability.

Despite this attack vector not being new, we believe that Dark Skippy is now the best-in-class attack for malicious signing devices.

- The attack is impractical to detect
- Requires no additional communication channels
- Effective on stateless devices
- Exfils master secret

- nick (@utxoclub) August 5, 2024

Further, the report revealed that Dark, Skippy attacks are practically impossible to detect, require no extra communication channels, and are effective even on stateless devices.

Therefore, users must stay informed while taking extra care to mitigate this risk.

The researchers advised hardware wallet manufacturers to employ extra measures to prevent malicious firmware from corrupting users' devices.

According to the report, open-sourcing device firmware cannot mitigate this risk. So, the researchers recommended introducing secure boot and lock JTAG/SWD interfaces.

In addition, hardware wallet manufacturers can build reproducible and vendor-signed firmware and include anti-signing protocols in their devices.Meanwhile, users are advised to verify and secure their firmware and desist from sharing stateless signing devices with others.

The post Security Experts Discover New Method Hackers Use to Steal Hardware Wallet Private Keys appeared first on The Tech Report.