Slow Mist Cosine: Revealing the Mystery Behind IOTA Mainnet Suspension, bZx and SIM Card Hacking
算力智库 (Hashpower Think Tank)
2020-02-26 10:53
This article is about 7,312 characters; reading the full text takes about 29 minutes.
In the field of digital assets, security is an eternal topic. In this issue, Hashpower University invited Yu Xian, a blockchain security expert and founder of SlowMist Technology, to share the key points of digital asset security protection.


Private keys, wallets and SIM cards hacked: the security vulnerabilities exposed by recent security incidents

Let me talk, with identifying details removed, about some security incidents disclosed in the past month.

The first is Altsbit, an Italian cryptocurrency exchange, which was hacked. The amount was relatively small, and it was a relatively new exchange that held relatively little in funds to begin with, but the stolen funds accounted for roughly half of what they had, so they announced they were closing.

The second is IOTA. We paid attention to this incident mainly because IOTA's entire mainnet was suspended as a result. Imagine a well-known public chain suspending its mainnet. What would lead them to do such a thing?

Suspending the mainnet of a public chain such as Bitcoin or Ethereum would mean that no transactions could be carried out, the various contracts running on it could not execute normally, and the losses would be very large. IOTA did exactly that at the time, because its official wallet had introduced a third-party component, and that third-party component was hacked, which indirectly affected many users of the official wallet and resulted in their private keys and passwords being stolen. By our calculation, about 8.55 million IOTA were stolen, worth roughly 2.3 million US dollars.

At the beginning, the whole community and the official team were very panicked. They did not know where the problem was, but they were receiving many complaints from users that their coins had been lost. In order to investigate, they had to suspend the entire mainnet.

To us this seems like a very far-reaching event, but in China, apart from our own team proactively following up, disclosing it, and interacting on Twitter with the official team and relevant people in the community, basically no other security team was seen responding to it.

At the time, we found that the reason it was hacked was that the official wallet had released a new version with a built-in trading module, which is equivalent to having the function of an exchange inside the wallet.

The desktop version of this wallet uses a very well-known JavaScript development framework, and its access to the third party is embedded through a remote JavaScript call. This creates a problem: if the third party is hijacked or hacked and the JavaScript content is changed, it directly affects the IOTA wallet, because the wallet's entire runtime environment is JavaScript.

So basically it can be considered a problem with the third party. As long as the user opened the wallet and connected to the Internet, the private key, the password, and related information from whatever operations the user performed could all be obtained by this malicious JavaScript code. This is a very real attack case. We also published research reports in Chinese and English.

Then there is bZx, which is a DeFi project. In fact, before it was hacked we had heard very little about it; after all, it was not particularly publicized in China and relatively few people here used it. Because it was hacked once and then hacked a second time, we became very interested in why.

In fact, the fundamental reason lies in the overall economic model, and the risk control was flawed, including the way funds flow between these protocols. In our view it is a risk-control defect in the economic model of the system as a whole. So in our understanding this is not a very traditional case, such as a simple vulnerability in a smart contract, or a simple flaw like excessive permissions or overstepping authority.

This was an attack that could only occur when the system and what lies outside the system are combined in the overall economic model. Before they were attacked, other teams had actually reminded them that there might be such a problem. But one of the rules these underground hackers follow is to actually do it: you have to do it and let people see that it can really be done, rather than just explaining what kind of problems there might be.

Of course, such an early warning is also good, but many times the official teams feel they are very familiar with smart contracts and the DeFi world and are too proud. Once it was actually done, everyone knew that this theoretical risk could really happen. This is the lesson bZx brought us.

In our view it is a representative of the label of decentralization. However, whether decentralized or centralized, there are associated risks.

The most recent case, which everyone should remember well, happened on the weekend a few days ago and involved a person named Josh Jones. We also made related speculations. At that time, he said on Reddit that he had been robbed of probably more than 1,500 bitcoins and nearly 60,000 BCH. He said his SIM card had been hacked. The SIM card is a very important module in the mobile phone; if it is hacked, for example if my SIM card is copied by a hacker, that is equivalent to owning my mobile phone number and receiving any messages sent to it, such as the verification codes of the relevant platforms, which can directly put my funds on those platforms at risk.

We tend to believe his claim that the SIM card was hacked, because last year many users of the Coinbase exchange were hacked through their SIM cards, resulting in the theft of their funds on Coinbase. In our view this boils down to the same category of risk, namely third parties.

In fact, it feels very similar to the IOTA case I mentioned earlier. IOTA was hacked because the wallet embedded a third-party exchange; Coinbase users and Josh Jones were likewise hacked because of third parties.

The SIM card attack method is actually very popular, but in China you do not have to worry too much, because the country has gone through the chaos of the early operators, including insiders at the operators acting maliciously, and has relevant laws and regulations in place, so everyone's mobile phone number will not be easily copied by others.

In our country about 10 years ago this phenomenon was quite common. However, foreign operators may not be as strong as ours. Everyone knows that our country's infrastructure is very strong. Many overseas operators, by contrast, are run by private companies; their technical strength may not be that high, some of their internal protocols may be very old versions, and their risk-control management may be relatively backward, so there are indeed cases where an overseas operator lets a mobile phone number be copied through social engineering and other means.

We remind you that if you are an overseas user, in addition to using your mobile phone number as a second factor, it is best to use an authenticator app like Google Authenticator, or some hardware-level solution.
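As an added illustration (this code is not part of the talk and not from any of the products mentioned), the Python below shows why an authenticator app does not carry the SIM-swap risk: a TOTP code (RFC 6238) is computed offline from a shared secret and the current time, so nothing is ever sent to the phone number and a cloned SIM receives nothing useful. The `new_secret` helper and the `otpauth://` URI are assumptions about how such apps are provisioned, in the form Google Authenticator accepts; the 20-byte ASCII secret used in the self-check is the RFC 6238 test secret.

```python
import base64
import hashlib
import hmac
import secrets
import struct
import time
from urllib.parse import quote


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian 64-bit counter, dynamically truncated."""
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(key: bytes, at_time: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time and a 30 s step."""
    return hotp(key, int(at_time) // step, digits)


def verify_totp(key: bytes, code: str, at_time: float, window: int = 1,
                step: int = 30, digits: int = 6) -> bool:
    """Accept the code for the current step and `window` steps either side (clock drift),
    using a constant-time comparison so a verifier does not leak digits through timing."""
    counter = int(at_time) // step
    return any(
        hmac.compare_digest(hotp(key, c, digits), code)
        for c in range(counter - window, counter + window + 1)
    )


def new_secret(nbytes: int = 20) -> str:
    """Fresh random secret, base32-encoded as authenticator apps expect (assumed provisioning format)."""
    return base64.b32encode(secrets.token_bytes(nbytes)).decode("ascii")


def key_from_b32(secret_b32: str) -> bytes:
    """Decode a base32 secret, tolerating the unpadded / lowercase forms apps often show."""
    s = secret_b32.strip().replace(" ", "").upper()
    return base64.b32decode(s + "=" * (-len(s) % 8))


def provisioning_uri(secret_b32: str, account: str, issuer: str) -> str:
    """otpauth:// URI of the kind encoded into the enrolment QR code (assumed format)."""
    label = quote(f"{issuer}:{account}")
    return f"otpauth://totp/{label}?secret={secret_b32}&issuer={quote(issuer)}&digits=6&period=30"


if __name__ == "__main__":
    # Enrolment: the secret lives on the server and in the app, never on the mobile network.
    secret_b32 = new_secret()
    print(provisioning_uri(secret_b32, "alice@example.com", "ExampleExchange"))
    key = key_from_b32(secret_b32)
    now = time.time()
    code = totp(key, now)                      # what the app would display
    print("code:", code, "verified:", verify_totp(key, code, now))
```

The `window` parameter is the usual compromise between clock drift and replay exposure; a code accepted within the window should also be burned server-side so it cannot be reused, which this snippet leaves to the caller.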


How to manage your private keys?

In the past month we have seen many problems, with both internal and external causes. Internally, for example, everyone knows that the private key is the identity; very important assets sit behind it. This involves three key points: the generation of the private key, its storage, and its use. If there is any link where you are not vigilant, then as time goes by, when certain risks are exposed, the possibility of going back and investigating is very low.

When we mention private keys we generally also mention multi-signature, including a very popular technique called secure multi-party computation. But in the early days many people needed to manage heavy assets, and for some currencies the support for multi-signature was not very reassuring.

Take Ethereum, for example. Everyone knows that the popular multi-signature scheme on Ethereum is implemented through smart contracts. However, there have been security issues in the history of multi-signature smart contracts, and we cannot believe 100% that absolute multi-signature security can be achieved through on-chain smart contracts.

Even if I do not use smart contracts and do multi-signature at the protocol level, off the chain, I still cannot guarantee absolute security. But here we are more at ease, because this method has been verified countless times in history. If there were a problem, basically everyone would conclude there is a very, very big problem with the entire public chain or with the infrastructure of these well-known public chains. At that point it is no longer an individual case but definitely a very large-scale incident.

Therefore, from the perspective of probability, related code audits and frequency of use, many people prefer native and transparent solutions like BTC's, rather than multi-signature smart contracts written by third parties. Even though those smart contracts have passed security audits, we do not fully trust the smart contract or the virtual machine underlying it.

So in the early days, many people generated private keys in a very Stone Age way. After the private key or mnemonic was generated, it was copied and transcribed multiple times, meaning several people were in charge of it. These people may have trusted each other very much at the beginning. For example, with three people, any two of them holding a fragment of the private key or mnemonic can put together the complete private key.

But the first question here is: when the private key was generated, who did it? Was the environment safe? He says he deleted it after he finished, but deleted data can be recovered. This does not solve the trust problem in the first step, and it plants a seed of doubt or suspicion. Because these problems occur at such an early stage, they are very difficult to investigate clearly.

Then there is storage: how to put the private key in a safe place.

The other is use. In the end you still have to use it; you have to move these coins, transfer them and so on. As soon as you use it, whether directly or indirectly, there is the possibility of being connected to the Internet, and is your operating environment safe at that time?

In fact, many of the recent internal cases revolve around the private key. The private key is the very core at the blockchain level, and it is also very basic and very low-level.

At the level of the entire system, such as an exchange or a wallet, there are various business modules to run: crypto trading, fiat trading, transfers between wallets, deposits, display and so on, including some new ways of playing such as contract trading and leverage. You may also have fund custody, and you may use a third party.

When we look at security issues, the higher up a thing sits and the more user-facing it is, the more the overall security complexity is magnified. We have therefore found many cases of being hacked or having coins stolen that are due to a lack of risk control at the upper level, or to the related management platform being hacked.

Many people may think: how could hackers even see my management platform? In fact, as long as you are connected to the Internet, your computer may be implanted with Trojans or viruses, which may lead to the credentials for these related platforms being stolen.

When we analyze a hacking event or a stolen-coin event, our approach is always to split it into many layers and modules from top to bottom, and we use the simplest method, called the method of exclusion: eliminating piece by piece until we finally determine where the root cause is.

But this process is actually very time-consuming. In the most time-consuming case, it took more than two months before we discovered the truth. At the moment our whole team learned the truth, tears were about to fall, and then it all felt anticlimactic.

We know very well that any incident is, in our view, like solving a criminal case: we need to use the method of exclusion to list every possibility and then rule them out one by one. Many times people's descriptions are problematic and you have to weigh them; their memory may be faulty, and they may even be deliberately doing something bad, so you have to weigh that too.

In fact, not many cases in our history have been successfully solved; the proportion that can be solved may be a bit more than half, not anything absolute. And after a case is solved, the probability of recovering the stolen coins is even lower.

Because, as everyone knows, cryptocurrency transactions are transparent and visible on the chain, but this transparency is limited to the transactions themselves; the chain does not record your IP or your privacy in the real world.

When tracking on the chain, there is a more interesting point at the end. Eventually these coins will definitely be converted into fiat currency; it is just a matter of time.

I might exchange them after a few years, once the turmoil is over, but eventually they will be exchanged into fiat. In many of the cases we found, the attacker was eager to cash out.

If we were underground hackers, no matter what method we used, whether stealing coins through vulnerabilities in exchange wallets, phishing various users to steal their coins, or using ransomware to encrypt your server and your computer so that you have to pay me in Bitcoin or Monero or whatever, in the end I have stolen these coins and I will find a way to cash them out.

This involves your coins going to an exchange. Before entering the exchange, more and more professionals now go through a coin-mixing platform. The existence of these mixing platforms is a game among the people who need to launder coins. The funds I wash through it must not be too large each time, which means I will be slow, and I may find a few more mixers to wash through together. The reason is that if your mixer is compromised, the entire chain of evidence for my laundering can be found on you, and you may even have recorded my IP and so on.

These methods are not particularly effective against some superpowers. So you can see that coin laundering is also an art; it is not easy, and the bigger the movement, the more likely it is to be exposed.

In the end, after you come out of the mixer, you have to enter some well-known exchanges, because they have the fiat channels to get out, and this involves your identity and account on that exchange. Professional hackers will never use their own identities to register on these exchanges. Their KYC, their identities and even their video identification can all be fake.


How to judge whether this project is safe or not?

The main question many people care about is whether a project is safe or not. How do you judge?

This is not easy, but we have given some criteria that everyone can use as a reference.

First, is there a strong internal security team, or a core person with rich security experience doing the checking? This is very critical. I may not have a security team, but that does not matter if I have very rich experience and can connect R&D, operations and maintenance, operations and so on, and advance the entire security construction in an orderly manner. That is fine.

So how do you judge whether there really is a security team or core security personnel inside? This is not easy to answer, and the industry often relies on word of mouth. Therefore we may have to meet more people, or know more people, so that our judgment can be more accurate.

Second, has it been audited by a third-party professional security agency in the past six months, and have the results of the security audit been made public? In our view this requirement is still a bit difficult.

Because the entire industry is developing very fast, the question is whether it has been audited by a security agency within the past half year, preferably a very professional and well-known one, with relevant reports that can be publicly reviewed. However, we have found that many project teams are not willing to disclose the audit report; after all, it may involve project privacy, which we can understand.

However, we have also seen that many overseas project teams are actually very willing to let these audit institutions publish their reports transparently.

Third, is there a third-party security agency with which it has cooperated closely for a long time? As mentioned above, security requires long-term development, so there should be one or more very close third-party professional security organizations to cooperate with. If there is such a continuous relationship, then when a black swan attack happens, losses can be stopped faster.

In our view, being hacked is inevitable; no one dares to say they have never been hacked, that is for sure. Of course, whether coins were stolen is another matter; there are indeed some that do better and have not had coins stolen.

But on a public network like the Internet, being hacked can happen at any time, even by insiders. Since this is a very common phenomenon, deal with it calmly.

As long as you do not lose too much, and you do not have a malicious or opaque mindset, you can in fact win wider support from the community if you stay calm.

This is also the fourth point: core members are needed whose attitude towards security is open and transparent. If there is a problem, they should admit their mistakes instead of just shouting slogans.

For example, we have seen many project teams whose official websites say their security is very strong and excellent, even "Zeus class"; it feels like every kind of noun and adjective comes out. Of course, these slogans are actually meaningless. We know where their problems may arise, because we are a very professional security team, and those professional underground hackers certainly know too; they can make your slogan an important basis for slapping you in the face later.


What kind of hardware wallet is safe to choose?

Recently we also audited some hardware wallets. After auditing them we summarized what makes a hardware wallet safe and strong.

1. It is best to support enough mainstream currencies;

This is not absolute; we just consider it from the perspective of peace of mind, because in principle a person will have no more than two hardware wallets in hand. Having too many is not necessarily a good thing, and "really safe" does not mean absolutely safe; there are actually very few truly safe hardware wallets.

2. The hardware modules used are all of top international standard, and the production and delivery supply chain is also top-level;

Many teams that make hardware wallets are definitely not completely top-notch and professional in the various hardware chips, modules, components and so on. At that point you have to rely on top international standards; even if you do not know how to do it yourself, you have to use them well. This includes the supply chain you choose, your production and your delivery: you must choose high-quality, top-notch options.

3. The coupled security design of firmware and hardware modules is absolutely top-notch;

Firmware is, simply put, an operating system. It is definitely not Android-based; Android's mission is not to be a hardware wallet. The coupling between firmware and hardware modules, and the security design of that coupling, must be absolutely top-notch.

4. The hardware's external communication modules, such as Bluetooth and USB, use the latest security-standard technology;

5. The hardware wallet should preferably have a screen so that the user can visually confirm that the target address is correct when transferring funds;

6. The networked computer or mobile phone environment used with the hardware wallet must be kept clean and dedicated;

If you are not sure, do not mix it with other environments. If I am sure, then I do not care, because I know the security of my computer very well. But if you are not sure, it is better to use an independent virtual machine or an independent computer dedicated to operations on important assets.

7. The hardware wallet should preferably support multi-signature security management;

Multi-signature or multi-party computation is a good way. Of course, multi-party computation still has a long way to go. It can better handle different chains, because multi-signature mechanisms are not the same from chain to chain and there is no universal solution; multi-party computation can turn this into a more general solution, which we are very much looking forward to.

8. It is best to introduce the practice of SSSS (Shamir's Secret Sharing Scheme) in the design of mnemonic recording, storage and even co-management;

Put simply, when I split the mnemonic, it can be designed as 2-of-3 or 3-of-5. In transcription, no single person copies or memorizes all of the words. After the split, I can ensure that any two of my 2-of-3 shares can be assembled into the complete mnemonic word list.
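As an added example (not from the talk and not any wallet vendor's implementation), here is a minimal Shamir secret sharing in Python over a prime field, applied to the entropy a mnemonic encodes. The 2-of-3 and 3-of-5 schemes above are just the `threshold` and `share_count` parameters. The BIP39 word-list step is omitted: the secret is the raw entropy bytes, which is what the words represent. The field prime 2^521 - 1 is my choice so that any 128- to 512-bit secret fits as a field element; the `index:hex` share format is an assumption for transcription. This also makes the difference from the "fragments of the word list" approach described earlier concrete: a share below threshold reveals nothing, whereas handing out overlapping subsets of the words leaks most of the mnemonic to each holder.

```python
import secrets

# Mersenne prime 2^521 - 1 (assumed field; larger than any BIP39 entropy or 512-bit seed),
# so the secret is used as a field element directly.
PRIME = 2**521 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial (coefficients lowest degree first) at x, modulo PRIME (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split_secret(secret: int, threshold: int, share_count: int):
    """Split an integer secret into share_count points on a random degree (threshold - 1) polynomial.
    Any `threshold` points recover f(0) = secret; fewer points are consistent with every secret."""
    if not 1 <= threshold <= share_count:
        raise ValueError("need 1 <= threshold <= share_count")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    # Constant term is the secret; the other coefficients must come from a CSPRNG.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, share_count + 1)]


def recover_secret(shares):
    """Lagrange interpolation at x = 0 over PRIME. Supply at least `threshold` distinct shares;
    with fewer, the result is a wrong value, not an error, so the caller must know the threshold."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def split_entropy(entropy: bytes, threshold: int, share_count: int):
    """Entropy bytes (what a BIP39 mnemonic encodes) -> 'index:hex' strings to write on separate cards."""
    shares = split_secret(int.from_bytes(entropy, "big"), threshold, share_count)
    return [f"{x}:{y:x}" for x, y in shares]


def recover_entropy(share_strings, length: int) -> bytes:
    """Inverse of split_entropy; `length` is the original entropy size in bytes (e.g. 32 for 24 words)."""
    shares = []
    for s in share_strings:
        x, y = s.split(":")
        shares.append((int(x), int(y, 16)))
    return recover_secret(shares).to_bytes(length, "big")


if __name__ == "__main__":
    entropy = secrets.token_bytes(32)  # constructed sample: 256-bit entropy, i.e. a 24-word mnemonic
    cards = split_entropy(entropy, 2, 3)
    for pair in ((0, 1), (1, 2), (0, 2)):  # every 2-of-3 combination rebuilds the same entropy
        assert recover_entropy([cards[pair[0]], cards[pair[1]]], 32) == entropy
    print("2-of-3 split and recovery OK")
```

Two practical caveats: the split and the recovery must happen on the same kind of clean, offline machine the talk demands for key generation, because the whole secret exists in memory at both moments; and each card must carry its index, since Lagrange interpolation needs the x coordinate as well as the y value.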

9. The physical security of the hardware wallet cannot be ignored;

For example, can it be made more waterproof, fireproof, lightning-proof and so on? If I drop it on the floor and it breaks, that is very embarrassing. And once it has been broken open it cannot be perfectly restored, which also protects me from being manipulated by someone in the supply chain during delivery.

10. The upgrade security mechanism of firmware and supporting software cannot be ignored;

You may be fine now, but perhaps you upgrade the firmware and the private key generation becomes very weak in randomness, or a backdoor is maliciously implanted; that would be very troublesome. It is not like the traditional Internet, where the advice is to upgrade promptly. Our suggestion rests on a premise: when what you have is sufficient, or if there are no serious vulnerabilities, do not upgrade lightly.

11. The hardware wallet's security team is strong enough to analyze the shortcomings of its peers, and its disclosures have earned a broad technical reputation in the industry;

Those who do security are actually hackers behind the scenes, just like us. If you do not have some basic hacker knowledge, how can you do a good job in security? You should still have the temper you ought to have; resentment is also normal. The key point is that you have to be really capable and publish some of your research reports, instead of constantly posting PR articles saying you are very safe.

12. From generation and storage to use of the private key, the near-absolute security of the private key is the most basic requirement;

13. Open source.

Our view on open source is this: it is not that you should open-source as soon as you start; that is unrealistic.

Everyone knows this industry. Business is in many cases a bloody thing. If you open source, you may be directly copied by your peers. So open source is a process, not a matter of will. When I say open source, I mean open source, but I also want to do business, I want to make money, and I want to live. Open source is a gradual process. We very much look forward to the day when you become the top of the industry and can boldly open source; you will always be in the lead, and it will be fine to let them catch up. That feels very good.

The above is my sharing, thank you.
