35th Chaos Communication Congress Lecture: 2018-12-27 @ 17:30 Learn More

The full page will go live after the wallet.fail presentation at the 35th Chaos Communication Congress.

At the 35th Chaos Communication Congress we will take a look at how to break the most popular cryptocurrency hardware wallets. We will uncover architectural, physical, hardware, software and firmware vulnerabilities we found including issues that could allow a malicious attacker to gain access to the funds of the wallet. The attacks that we perform against the hardware wallets range from breaking the proprietary bootloader protection, to breaking the web interfaces used to interact with wallets, up to physical attacks including glitching to bypass the security implemented in the microcontrollers of the wallet. Our broad look into several wallets demonstrates systemic and recurring issues. At the end, we provide some insight into what needs to change to build more resilient hardware wallets.

Who?

Dmitry Nedospasov

Dmitry Nedospasov

Dmitry Nedospasov is a hardware design and security engineer, security researcher, trainer, speaker and reverse-engineerer. In 2014 Dmitry received his PhD (Dr-Ing.) in IC Security at TU Berlin.

Thomas Roth

Thomas Roth

Thomas Roth was named as one of the 30 under 30 in Technology by the Forbes Magazine. His main focus is on mobile and embedded systems with published research on topics like TrustZone, payment terminals, and embedded security.

Josh Datko

Josh Datko

Josh Datko is an embedded systems engineer, security researcher and former submarine officer. Josh is best known for his 2017 presentation on insecurities in cryptocurrency hardware wallets.

Press inquiries/contact

If you would like to contact us before the presentation, please feel free to drop us an e-mail: info@wallet.fail