One of the main features of the Blockchain technology, and probably the one it is best known for, is its reputation for being unhackable. However, while blockchains are indeed impossible to manipulate. The story is different when it comes to the products created by them. Therefore, even a cold wallet can be hacked if we do not take the necessary precautions.
ABC Crypto, Lesson 13: What is a wallet, and how do you choose one?
The unhackability of the Blockchain
One of the great confusions existing in the crypto world, is the one that mixes the Blockchain technology that protects the crypto currencies, with the security of the same ones. Well, the existence of blockchains effectively guarantees that the records of cryptomonies, like Bitcoin Circuit, Bitcoin Evolution, Bitcoin Code, Bitcoin Trader, Bitcoin Era, Bitcoin Billionaire, The News Spy, Bitcoin Profit, Immediate Edge, Bitcoin Revolution, are not modified by any actor.
However, this doesn’t mean that it is impossible for a malicious third party to break our security, and get into our crypto currencies. Especially if we do not have a sufficient level of security in our wallets to defend ourselves from these cyber attacks.
If a person manages to decipher our passwords and enters our wallets. There’s no way to stop them from sending our cryptos to the address they prefer. Which is why there are different types of wallets that combine different levels of security.
The safest type of wallet on the market is the so-called cold wallet. These consist of devices not connected to the Internet, normally external memories, such as a pendrive, but they can also be a simple QR code printed on paper. And because they are not on the network, they could not be attacked by hackers of any kind. That’s why they are considered impenetrable methods for cryptoactive storage.
What’s a coin mixer? The hacker-friendly
A cold wallet hacked
However, as shown by studies carried out by the Ledger company, which produces various models of wallets itself. A cold wallet can be hacked if the right tools are used to exploit certain vulnerabilities. Such as those discovered in Shapeshift’s KeepKey and Coinkite’s Coldcard Mk2.
In the case of KeepKey, Ledger researchers took advantage of the variations in the voltages consumed by the cold wallet’s memory chip. They related each voltage variation of the chip with a data entered in the wallet’s password. So, with some time and the appropriate technological resources, they were able to break the security of this cold wallet.
The KeepKey cold wallet was hacked by the Ledger team.
With Coldcard Mk2 the story was more complicated. In this case, the objective of the Ledger team was to break the protection of the wallet that limits the number of attempts to decipher the password of the wallet. To do this they used a “fail-safe attack”, disabling the limit of attempts to enter the password. From there, they simply used a common password guessing program to enter the cold wallet.
Although the two companies are working on fixing these security flaws. They are a reminder to the crypto community that even though we have a cold wallet. And consider it extremely secure to protect our assets. Our hardware must be cared for so that it does not fall into the hands of others. Who, with enough time and resources, will surely hack into our wallet and take our money.