Geeks for your information

Full Version: How to hack a hardware cryptocurrency wallet
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
[Image: hardware-wallets-hacked-featured.jpg]
Quote:Hardware wallets are considered to be the most secure type of cryptocurrency wallet. However, nothing is 100% secure, and they can be compromised just as well. At the 35th Chaos Communication Congress, security researchers Thomas Roth, Dmitry Nedospasov, and Josh Datko demonstrated several ways to do it. But before we jump into hacking, a little background on what a hardware wallet actually is and how it works.


What is a cryptocurrency wallet?


First of all, let’s talk a bit about what a cryptocurrency wallet is in general. To put it simply, a wallet is a cryptocurrency account. The “account” consists of a pair of cryptographic keys, one public and one private. These two keys have some resemblance to login and password pairs: The public key is used as a wallet address, and the private key is used to access coins — that is, to sign outgoing transactions.

Another thing worth mentioning is how multiple public–private key pairs are generated in cryptocurrency systems for multiple wallets belonging to the same person. It might be inconvenient to store several completely independently generated key pairs. So what cryptocurrency systems really do is generate just one big number called a cryptographic seed and derive multiple public–private key pairs from the seed in a predictable manner for multiple wallets.

This one big number — the cryptographic seed — is what a user of a cryptocurrency system actually stores.
Unlike traditional financial systems, cryptocurrencies usually have no centralized authority, no registration mechanisms, nothing like chargeback insurance, and no account recovery options. Anyone who owns the cryptographic seed and therefore the keys derived from it, owns the corresponding cryptocurrency wallets. And if the seed is stolen or lost, so are the coins in the wallets.
Full reading: https://www.kaspersky.com/blog/hardware-...ked/25315/