Email 2FA for Product Authentication
The advent of cryptocurrencies and its auxiliary features such as self-custody has enabled individuals to gain freedom when it comes to the management of their money. Self-custody solutions grant the custodian financial sovereignty, but also leaves the individual exposed to various attacks that could result in a complete loss of funds. Typically, hardware wallets are known to be the safest self-custody option, but even hardware wallets tend to have vulnerabilities. This blog explores how malicious wallet companion applications can be used to steal digital assets from users.
Malicious software as an attack vector
Typically, a hardware wallet connects to a desktop or a mobile application for various operations. Cypherock X1 comes with a cySync desktop application available across Windows, Linux and Mac. The application serves as the interface for all wallet operations, and the hardware tends to be treated as a signing device. Although the application is crucial in the functioning of the hardware wallet, the default assumption is not to trust the desktop application due to its nature of being installed on an internet-connected device that could host malicious programs. A common example of an exploit carried out by malicious software is through phishing, where the attacker attaches a download link after stating that either the wallet, or the software has suffered a breach, and a new application would need to be installed which would help reset the pin on your hardware wallet, or install the appropriate updates on your wallet. Once the malicious software has been downloaded, there may be prompts to enter the seed phrase of the wallet generated to access further functionality on the desktop application. Usually, there is no way for the attacker to extract the seed phrase from the wallet itself remotely, so it tends to be disguised as a part of the user flow to help keep your wallet safe. Hence if the user enters the seed phrase into the malicious application, it is safe to assume that the funds have been compromised.
To authenticate your hardware wallets today, hardware wallet companies broadly use two types of approaches today -
The secure chip inside the device authenticates the device on initialization. This is an insecure way to verify the device since the user cannot verify this on a compromised wallet.
The wallet on initialization is authenticated by the server of the company and the authenticity result is displayed by the companion app with the wallet. The problem here is if the user has a malicious app which is what the original threat model of the hardware wallet is, then the malicious app can display to the user that the product is authenticated even though the response from the server was different from that.
Email Authentication Notification
To remove the reliance upon the desktop application as a singular source of truth for wallet authenticity, Cypherock has implemented an optional email-based 2FA system that also directly sends you the authenticity status of your X1 vault and X1 cards on your email. When you successfully complete a device or card authentication, you will receive an email from Cypherock with the authentication status about the same. Hence, even if the user is using a malicious desktop app, the user can double-check the authenticity result on their email. It is important though to make sure that the email the user receives is sent from the cypherock.com domain email address.
Last updated