We’ve all been led to believe that securing our digital wallet in cold storage (offline) prevents anyone from stealing our bitcoins. That may not be the case. Dr. Mordechai Guri, the head of the R&D team at Israel’s Ben-Gurion University, has now published research showing that his team can steal data from an air-gapped computer. Air-gapped computers are isolated from the Internet and local networks, and so are believed to be the most secure devices and difficult to infiltrate.
The most effective techniques take only seconds to siphon a 256-bit Bitcoin key from a wallet running on an infected computer, even though the computer isn’t connected to any network. Guri said the possibility of stealing keys that protect millions or billions of dollars is likely to take the covert exfiltration techniques out of the nation-state hacking realm they currently inhabit and possibly bring them into the mainstream.
Using a technique called “BeatCoin”, which is not a new method, he found that previously discovered out-of-band communication methods can be used to steal private keys for a cryptocurrency wallet installed in cold storage, preferably an air-gapped computer or Raspberry Pi. He has posted two videos demonstrating the method.
As already mentioned, the exfiltration techniques described in this post assume the device running the cold wallet is already infected by malware. Still, the widely repeated advice to use cold wallets is designed to protect people against this very scenario.
“We show that, despite the high degree of isolation of cold wallets, motivated attackers can steal the private keys out of the air-gapped wallets,” Guri wrote in the new paper. “With the private keys in hand, an attacker virtually owns all of the currency in the wallet.”
To protect your private keys, we recommend that users always store them safely in their Swiss Safe. Always consider additional safeguards, including keeping cold wallets away from smartphones, cameras, and other receivers. You should also shield cold-wallet devices with metallic materials that prevent electromagnetic radiation from leaking. Of course, people should also prevent devices from becoming infected in the first place by using our secure services such as Secure Email, VPN, the Silent Phone and Swiss Safe.
Dr. Mordechai Guri
Ben-Gurion University of the Negev, Israel
Cyber-Security Research Center