Developer finds flaw in Samsung’s cryptocurrency wallet
2 min readThe entry of large companies into the cryptocurrency sector does not necessarily guarantee that crypto assets will be more “safe”. A recent publication by a group of developers revealed that Samsung’s Galaxy line phones have flaws that allow users to steal cryptocurrencies.
The study is research conducted and published by Alon Shakevsky, Eyal Ronen and Avishai Wool. They are computer experts from Tel-Aviv University (Israel).
Flaw in Samsung’s cryptocurrency wallet
In the study “Trust Dies in the Dark: Shedding Light on TrustZone Keymaster Design by Samsung” some security flaws in Samsung devices are detailed.
As the experts explained, smartphones with Android operating system use a hardware support called ARM TrustZone to create a secure execution environment (TEE).
So, TEE runs a TrustZone Operating System (TZOS) that is isolated from Android. That is, it works in parallel to the system. In addition, the system performs the most security-sensitive functions using encryption.
Expert work analyzed these features on Samsung Galaxy S8, S9, S10, S20 and S21 handsets. These models cover, according to these authors, more than 100 million devices.
Also according to the researchers, the security mechanisms of these devices were affected with an IV reuse attack and through a downgrade attack. These are two hacking techniques that, in short, aim to make systems more vulnerable and extract protected data.
Regarding the first technique, only the S9 presented vulnerability before the software version was downgraded. After that, everyone was vulnerable to the two techniques.
Using these techniques, the researchers were able to steal information on even “the latest devices”.
Furthermore, they claimed that their attacks were able to affect “two high-level cryptographic protocols between TrustZone and a remote server”. Furthermore, they managed to spoof the FIDO2 web API login and compromise Google’s Secure Key Import feature.
Finally, the study noted that even cryptocurrency wallets could be affected. After all, these wallets can hold cryptocurrencies, but they also store sensitive personal information.
At the conclusion of the work, the analysts stated that the manufacturers Samsung and Qualcomm should have their security projects audited and not just depend on the tests they do. So far, the Korean company has not commented on the results of this study.
