YoVDO

Wallet.fail

Offered By: media.ccc.de via YouTube

Tags

Conference Talks Courses Cybersecurity Courses Software Vulnerabilities Courses Cryptocurrency Security Courses Firmware Analysis Courses Hardware Vulnerabilities Courses

Course Description

Overview

Explore a comprehensive analysis of security vulnerabilities in popular cryptocurrency hardware wallets in this conference talk from the 35th Chaos Communication Congress. Delve into architectural, physical, hardware, software, and firmware vulnerabilities that could potentially allow malicious attackers to access wallet funds. Examine various attack vectors, including breaking proprietary bootloader protection, exploiting web interfaces, and performing physical attacks like glitching to bypass security measures. Gain insights into recurring issues across multiple wallets and learn about necessary changes to build more resilient hardware wallets. Witness live demonstrations of some of the most intriguing vulnerabilities on stage. Cover different classes of vulnerabilities, including firmware, software, hardware, physical, and architectural issues, along with their potential for mitigation or long-term impact on wallet security. Understand the challenges of building secure hardware and the implications for cryptocurrency storage and trading.

Syllabus

Intro
A long story short...
How is cryptocurrency stored?
What's a hardware wallet?
Security stickers
Counterfeiting is a real problem
Removing Tamper Stickers with hot air
Stickers cause confusion
Sticker Attack Takeaways
Opening Enclosures
What do you do once it's opened?
Goals for the hardware implant
When do you install an implant?
supermicro.fun - works on a breadboard
Antenna design
Is my backdoored device genuine?
The attacker can use moar power
Supply Chain Attack Takeaways - Recap
The Ledger Nano S security model
Ledger STM32 Firmware Upgrade
Ledger STM32 Bootloader
Ledger Nano S boot process
First attempt..
After more reversing..
The STM32 memory map...
Second attempt...
Ledger Nano S MCU verification
MCU verification bypassing...
Building the compressor
Public releases
Ledger Blue: Inside
Analyzing the signal
Getting training data...
How accurate is it?
Glitching - Backstory
DC 25 RECAP - Breaking Bitcoin Board
DC 25 RECAP - ChipWhisperer Glitch
Prior STM32 Security Research
STM32 Read-out Protection (RDP)
STM32F2 Boot process (1.8ms)
STM32F2 Boot process (1.4ms)
Power consumption after reset (2009)
Glitching the Trezor One
Reviewing the upgrade procedure...
Getting the seed
The Trezor Glitcher


Taught by

media.ccc.de

Related Courses

Security Principles
(ISC)² via Coursera
A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera
FinTech for Finance and Business Leaders
ACCA via edX
Access Control Concepts
(ISC)² via Coursera
Access Controls
(ISC)² via Coursera