Following these two recent events, how would you attack self-custody?
https://nitter.net/BitBoxSwiss/status/1725491128521068958#m
https://nitter.net/zachxbt/status/1720961400313373127#m
It would be interesting to learn what attack vectors we can come up with and how to protect against those. With the increasing purchasing power of bitcoin there will be more and more victims I expect, unfortunately.
The two attacks above are not sophisticated and even then people fall for them (at least the Ledger one). Users should have protected themselves by:
- Ledger: Always verifying the software they use
- BitBox: Never entering a recovery phrase in software that is meant for a physical signing device
If I were an attacker, I would try to develop the attack methods below.
Browser malware
Attack: Replace receive addresses shown in the web browser with an address owned by the attacker. I would attack large exchanges' receive addresses (Binance, Coinbase, etc.)
Methods:
- URL hijacking/domain spoofing/clickjacking: Show different websites to the user
- Cross-Site Scripting (XSS) attacks
- Browser extension malware / man-in-the-middle (MitM)
Protection:
Manually verify the address with the recipient support organization over the phone. Assume anything digital might be altered.
Reverse of this proposal: https://bitbox.swiss/blog/securely-withdrawing-from-an-exchange/
FOSS wallet software replacement
Attack: I would host a malicious build of FOSS wallet software. Many users don't verify their software, so if you can get malicious software on their system, you can take control of their bitcoin. I would then build two methods that come into play when the user sends bitcoin:
- User sends most of their balance --> Replace receive address and hope the user doesn't verify the address on a physical signing device. I expect this success rate to be relatively low for users that use a signing device.
- User sends a small portion of their balance --> Replace the change address as users typically do not verify that. Update the user's balance in the GUI to show the expected balance. This is a more complicated attack but can go unnoticed until the user runs out of funds or performs manual UTXO control.
Protection:
Not sure. Also, I am unsure how successful this attack could be as I don't understand change addresses deeply enough. Relevant: https://blog.coinkite.com/troublesome-change/
How would you attack self-custody?
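Added example, not part of the original post: a pre-signing check for the change-address substitution described above, which flags any output that is neither the intended payment nor change returning to the wallet. The `Output` structure, the function and parameter names, and all addresses are hypothetical, and the set of the wallet's own change addresses is assumed to have been derived independently of the wallet software under suspicion.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Output:
    address: str
    sats: int


def audit_outputs(outputs, input_total, recipient, send_sats, own_change, max_fee):
    """Return findings for an unsigned transaction; an empty list means every
    output is either the intended payment or change back to this wallet."""
    findings = []
    paid = 0
    for out in outputs:
        if out.address == recipient:
            paid += out.sats
        elif out.address not in own_change:
            # Neither the payee nor our own change: value leaves the wallet.
            findings.append(f"unknown output {out.address}: {out.sats} sats")
    if paid != send_sats:
        findings.append(f"recipient gets {paid} sats, expected {send_sats}")
    fee = input_total - sum(out.sats for out in outputs)
    if fee < 0 or fee > max_fee:
        findings.append(f"fee {fee} sats outside 0..{max_fee}")
    return findings


# Constructed sample data: placeholder strings, not real addresses.
RECIPIENT = "bc1q-recipient-example"
# Assumption: derived independently of the wallet software under suspicion.
OWN_CHANGE = {"bc1q-own-change-example"}
HONEST = [Output(RECIPIENT, 100_000), Output("bc1q-own-change-example", 899_000)]
TAMPERED = [Output(RECIPIENT, 100_000), Output("bc1q-unknown-example", 899_000)]


def demo():
    args = dict(input_total=1_000_000, recipient=RECIPIENT, send_sats=100_000,
                own_change=OWN_CHANGE, max_fee=5_000)
    return audit_outputs(HONEST, **args), audit_outputs(TAMPERED, **args)


if __name__ == "__main__":
    for findings in demo():
        print(findings or "ok")
```

The check is only as trustworthy as the source of `own_change`: if that set comes from the same compromised software, a substituted address will pass.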