
Hackers Steal Bitcoin From Air-Gapped Wallets

April 30, 2018

Homeland & Cyber Security

Ars Technica – BGU’s Dr. Mordechai Guri, head of research and development at the University’s Cyber Security Research Center, and his team have found a way to exfiltrate the private keys of bitcoin wallets even when the wallets are air-gapped, meaning they aren’t connected to the internet or to any other device.

In the past, the BGU researchers found ways to defeat air gaps using a wide array of techniques, including electromagnetic emissions from USB devices, radio signals to extract data from hard-to-reach systems, infrared capabilities in surveillance cameras, and sounds produced by hard drives.

On Monday, April 23, Dr. Guri published a new paper showing how “cold wallets,” which are kept on devices that are never connected to the internet, can be compromised in seconds. He was able to steal a 256-bit Bitcoin private key from a wallet running on an infected computer, even though the computer wasn’t connected to any network.

Like most of the other attacks he and his colleagues at BGU developed, the wallet exploits start with the significant assumption that the device has already been thoroughly compromised by malware. Still, the research is significant because it shows that physical isolation from the internet does not, by itself, stop an attacker who has already planted malware from getting the secrets out.

“I think that the interesting issue is that the airgap attacks were thought to be exotic issues for high-end hackers, but they are now becoming more widespread,” says Dr. Guri.

One of his techniques can siphon private keys stored in a cold wallet running on a Raspberry Pi, a tiny computer that many security professionals say is one of the best ways to store private cryptocurrency keys.

Those professionals reason that even if a Raspberry Pi became infected, there would be no way for attackers to obtain the private keys, because the device remains physically isolated from the internet and from other devices.

As part of his research, Dr. Guri demonstrated that when users authorize a digital payment in the cold wallet and then use a USB stick or other external media to transfer a file to an online wallet, hackers can use a nearby smartphone to covertly receive the secret key in a few seconds, so the Raspberry Pi’s physical isolation does not protect the key.

The technique works by using the Raspberry Pi’s general-purpose input/output pins to generate radio signals that transmit the key information. The headphones on the receiving smartphone act as an antenna to improve the radio-frequency signal quality, but in many cases they’re not necessary.
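To make the mechanism in the paragraph above concrete, the following is an added simulation written for this page; it is not code from Dr. Guri’s paper or from BGU. It models the covert channel end to end: the transmitter frames the 256-bit key with a sync preamble and a CRC, encodes each bit as either a burst of fast GPIO toggling (the toggling is what radiates) or an idle pin, and the receiver performs per-slot energy detection, searches for the preamble, and checks the CRC. The bit period, samples per slot, noise level, sync word and decision threshold are all assumptions chosen for the simulation; the real carrier frequency, timing and antenna details are not on this page and are not represented.

```python
"""Simulated GPIO-toggle covert channel (added illustration, not the paper's code)."""
import random
import zlib

# Simulation parameters: all are assumptions, not values taken from the paper.
SAMPLES_PER_BIT = 64                        # receiver samples per bit slot
PREAMBLE = bytes([0xAA, 0xAA, 0x2D, 0xD4])  # constructed sync word
KEY_LEN = 32                                # 256-bit private key
THRESHOLD = 0.25                            # mean amplitude above this => '1'


def frame(key: bytes) -> bytes:
    """Transmitter framing: PREAMBLE | key | CRC32 so the receiver can sync and verify."""
    if len(key) != KEY_LEN:
        raise ValueError("expected a 256-bit key")
    return PREAMBLE + key + zlib.crc32(key).to_bytes(4, "big")


def to_bits(data: bytes) -> list:
    """Big-endian bit expansion, MSB of each byte first."""
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]


def from_bits(bits: list) -> bytes:
    """Inverse of to_bits; trailing partial bytes are dropped."""
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits) - 7, 8))


def gpio_levels(bits: list) -> list:
    """One pin level per sample: a '1' bit is a burst of fast toggling (which is
    what radiates), a '0' bit leaves the pin low for the whole slot."""
    return [(s % 2 if bit else 0) for bit in bits for s in range(SAMPLES_PER_BIT)]


def transmit(key: bytes, idle_slots: int = 3) -> list:
    """Pin-level timeline with idle time before and after the frame."""
    idle = [0] * (SAMPLES_PER_BIT * idle_slots)
    return idle + gpio_levels(to_bits(frame(key))) + idle


def channel(levels: list, noise: float = 0.3, seed: int = 1) -> list:
    """Constructed channel model: the receiver sees the radiated amplitude
    (modelled as the pin level) plus Gaussian noise."""
    rng = random.Random(seed)
    return [lvl + rng.gauss(0.0, noise) for lvl in levels]


def demodulate(samples: list) -> list:
    """Energy detection: the average amplitude over a slot decides the bit.
    Slot boundaries are assumed known; a real receiver needs timing recovery."""
    bits = []
    for i in range(0, len(samples) - SAMPLES_PER_BIT + 1, SAMPLES_PER_BIT):
        slot = samples[i:i + SAMPLES_PER_BIT]
        bits.append(1 if sum(slot) / SAMPLES_PER_BIT > THRESHOLD else 0)
    return bits


def receive(samples: list):
    """Locate the preamble in the demodulated stream, extract key+CRC, verify.
    Returns the key bytes, or None if no frame passes the CRC check."""
    bits = demodulate(samples)
    pre = to_bits(PREAMBLE)
    n_payload = (KEY_LEN + 4) * 8
    for start in range(len(bits) - len(pre) - n_payload + 1):
        if bits[start:start + len(pre)] == pre:
            body = from_bits(bits[start + len(pre):start + len(pre) + n_payload])
            key, crc = body[:KEY_LEN], body[KEY_LEN:]
            if zlib.crc32(key).to_bytes(4, "big") == crc:
                return key
    return None


if __name__ == "__main__":
    secret = bytes(range(32))  # constructed stand-in for a private key
    recovered = receive(channel(transmit(secret)))
    print("recovered" if recovered == secret else "failed")
```

The point of the framing is the same one that matters in the real attack: a receiver listening to an unknown, noisy emission needs a way to find where the key starts and to know whether what it decoded is correct, which is why a sync word and a checksum are worth the few extra bytes. The shielding and distance mitigations mentioned below work by pushing the per-slot signal below the receiver’s noise floor so that detection fails.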

“We show that despite the high degree of isolation of cold wallets, motivated attackers can steal the private keys out of the air-gapped wallets,” says Dr. Guri. “With the private keys in hand, an attacker virtually owns all of the currency in the wallet.”

To protect keys, people should continue to store them in cold wallets whenever possible, but they should consider additional safeguards, including keeping cold wallets away from smartphones, cameras and other receivers. They should also shield cold-wallet devices with metallic materials that prevent electromagnetic radiation from leaking. Of course, people should also prevent devices from becoming infected in the first place.

Read more on the Ars Technica website.