My Trezor was hacked

Some good advice:

Secure seed & split into 2 pieces (if using a passphrase, seed & passphrase split). Bookmark address (but always get it from the receive tab).

Buy a second HW wallet for 3rd-party apps (separate seed to keep the 1st seed safe from being drained). Set up in TS first, send a tiny amount of funds, cross-check address & balance.

Once the 1st HW is set up, check wallets with https://revoke.cash/ (just to make sure no draining can happen).

And you only deposit into HW 1 addresses from within TS.
When you want to withdraw and do have a separate Solana wallet, send out $0.50 (READ YOUR HW SCREEN). You could have a fake app which could send all the funds out of the wallet; I call this “CLICK OF DEATH”: https://www.youtube.com/watch?v=gwLyvZR1KCI

I also lost all funds in Trezor/Exodus just last week. I have owned the Model T for 3 years now; it has only been out of the safe a handful of times. The seed phrase was also only written down on a piece of paper, and has remained in the safe. No pictures were taken, no files were saved with any information. I have also been in IT since the '80s and something is not right here. There is absolutely no way I released the seed phrase. I have never entered it anywhere, other than Exodus when I set it up a couple of years ago. I have rebuilt my laptop a few times in between, but always set up Exodus from their site, and no other place. I have racked my brain for DAYS trying to understand this. The only thing I can come up with is that the hardware was hacked before I received it, which was from the official Trezor store on Amazon. I am examining the physical device very carefully. I need to get a magnifying glass on it, but with my eyes, I almost think I can see indications of the case having been apart. I don’t dare open it up myself at this stage. When I received it, everything looked legit.

Has anyone ever run Wireshark, either on network OR USBPcap? I’d like to compare my results with a known good device.

Are you saying that you’re importing your seed phrase into Exodus every time?

Sorry, no, that is not what I meant. I was a bit flustered as I wrote. I meant I only entered the Exodus seed phrase into Exodus with a fresh laptop and fresh Exodus. I have never entered the Trezor seed phrase ANYWHERE, other than once onto the piece of paper, and then into the safe it went. I did a lot of research before jumping into crypto and understood the security steps that were crucial to keeping it safe. Being in tech and actually programming for decades, I am convinced there is something bigger going on here. The fact that there are apparently MANY others with similar stories tells me there is more to the story.

Can you please post up the wallet address and transaction ID?

That’s probably not gonna help. The fakes that we have seen in the past have been speaking the Trezor protocol; the problem is that they use one of ~10 pre-defined seed phrases known to the attacker.

What is your firmware version?
Fetch the corresponding firmware image from https://github.com/trezor/data/tree/master/firmware/t2t1
Run this script on it, with a challenge that you pick: https://github.com/trezor/trezor-firmware/blob/main/tools/firmware_hash.py
Lastly, install trezorctl and execute trezorctl fw get-hash <your challenge here>. If your Trezor is subverted, the results will not match.

…of course, it’s also possible that the Trezor rejected the first-time firmware installation, let you set up a wallet with the predefined seed, and then allowed you to overwrite the firmware with the official one. That way you’re still using a compromised seed but you can’t detect tampering unless you physically inspect the device.
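An added example (not code from this thread, and not Trezor's own tooling) that models the challenge/response check matejcik describes: the host picks a fresh challenge, hashes the official image keyed with that challenge, and compares it with what the device reports for the same challenge. The keyed BLAKE2s construction, the 0xFF padding to the flash firmware area and the area size are assumptions made for illustration; use the linked firmware_hash.py and trezorctl for authoritative values. It also catches the failure mode seen later in the thread, where an HTML page was saved in place of the binary.

```python
"""Model of a challenge-keyed firmware hash check (illustrative, not Trezor's code)."""
import hashlib
import hmac

VENDOR_MAGIC = b"TRZV"                 # leading bytes of a T2T1 firmware image (vendor header)
FIRMWARE_AREA_SIZE = 13 * 128 * 1024   # assumed size of the flash firmware area (illustration only)


class FirmwareImageError(ValueError):
    """Raised when the input cannot be a firmware image."""


def check_image(image: bytes) -> None:
    """Reject obviously wrong input before hashing it.

    The most common mistake is saving the HTML page for the file instead of
    the binary; such a file hashes fine but never matches the device.
    """
    head = image.lstrip()[:16].lower()
    if head.startswith(b"<!doctype") or head.startswith(b"<html"):
        raise FirmwareImageError("input looks like an HTML page, not a firmware binary")
    if not image.startswith(VENDOR_MAGIC):
        raise FirmwareImageError("missing vendor-header magic; not a T2T1 firmware image")
    if len(image) > FIRMWARE_AREA_SIZE:
        raise FirmwareImageError("image larger than the firmware area")


def firmware_hash(image: bytes, challenge: bytes, area_size: int = FIRMWARE_AREA_SIZE) -> str:
    """Keyed hash of the image as it would sit in flash.

    Keying with a caller-chosen challenge is what stops a fake from replaying
    a precomputed answer: it must hold the genuine image to answer correctly.
    Unused flash reads back as 0xFF, so the image is padded with 0xFF (assumption).
    """
    check_image(image)
    if not 1 <= len(challenge) <= 32:          # BLAKE2s key length limit
        raise ValueError("challenge must be 1..32 bytes")
    h = hashlib.blake2s(key=challenge)
    h.update(image)
    h.update(b"\xff" * (area_size - len(image)))
    return h.hexdigest()


def matches(expected_hex: str, device_hex: str) -> bool:
    """Constant-time comparison of the host-computed and device-reported hashes."""
    return hmac.compare_digest(expected_hex.strip().lower(), device_hex.strip().lower())


# Constructed sample data: a fake "official image" and a tampered copy of it.
OFFICIAL_IMAGE = VENDOR_MAGIC + b"\x00" * 60 + b"constructed firmware body for the example"
TAMPERED_IMAGE = OFFICIAL_IMAGE.replace(b"firmware body", b"firmware b0dy")
CHALLENGE = bytes.fromhex("8537021E02ACDB00")   # same shape as the challenge used in the thread


def run_check(device_image: bytes, challenge: bytes = CHALLENGE) -> bool:
    """Simulate the full exchange: the 'device' hashes whatever it really runs."""
    expected = firmware_hash(OFFICIAL_IMAGE, challenge)
    reported = firmware_hash(device_image, challenge)   # stands in for `trezorctl fw get-hash`
    return matches(expected, reported)


if __name__ == "__main__":
    print("genuine device:", run_check(OFFICIAL_IMAGE))
    print("tampered device:", run_check(TAMPERED_IMAGE))
```

Pick a new random challenge for every run; reusing one published elsewhere gives a fake a value it could have been told to answer with.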

@matejcik

Are you saying that if you generate a seed from within the Trezor it wouldn’t matter if the device was fake?

No.
The easiest way to make a fake Trezor is to buy a legitimate Trezor, carefully cut it open, replace the main chip with one of the same type, and glue it back up.
On the chip, you install a firmware from the official sources, and make small modifications to (1) remove the red “unsafe do not use” screen and (2) instead of generating the seed, give out a prebuilt one.

That’s just one way to build a fake, but it’s the easiest.

With a device like that, everything else still works. So for example, if you restore seed from elsewhere, the fake will not send it out, it will use it as normal.

Also, unless you make a separate modification, it’s gonna be possible to install an official firmware. The official firmware will overwrite the bootloader and the fake firmware, enable all the usual protections that prevent “hacking” the chip, and from that point on the Trezor will be almost as secure as the original.
(The boardloader is still the bad one, so the attacker could come to your house and reinstall the fake firmware, but not without erasing the seed currently on the Trezor.)

More advanced fakes could exist that generate and then exfiltrate the seed, either in cooperation with malware on your PC, or, I dunno, embed a wireless modem into the enclosure. But that’s significantly more work, and there are no reported cases of devices this advanced, as of yet.

Thank you matejcik for the response.

I do believe your scenario of making a fake Trezor is what happened to me. I think I see physical signs of tampering on the case edge. I am searching my memory, as it has been 3 years, but I don’t think I recall seeing an ‘unsafe do not use’ screen. Not that I recall!

Current firmware version is 2.6.4, which Suite says is current. I am downloading all the tools to run the test you have mentioned.

How do I run the script against the bin? I am not familiar with Python (old school programmer here).

Never mind, I figured out how to run it. Now it is looking for two bin files:

legacy/firmware/trezor.bin not found
core/build/firmware/firmware.bin not found

I presume one of them is supposed to be the 2.6.4 bin I downloaded …

You’re supposed to pass the filename as a command line argument.

Got it, thanks. Here are the results. It appears my device had such a hardware hack. What next?

C:\Users\Owner\Downloads>python firmware_hash.py 8537021E02ACDB00 trezor-t2t1-2.6.4.bin
trezor-t2t1-2.6.4.bin: a4507cbbd89ae7ff26c7ded01442b2f0dea14b578558b5b35711fd68f3678f33

C:\Users\Owner\Downloads>trezorctl fw get-hash 8537021E02ACDB00
Please enter PIN on your Trezor device.
10c504aae6ae84c55ca7a937abde15a95df1780a4f65ec9e6c77ceb63e756ad4

It’s not. The value starting with 10c504... is correct. Not sure why your firmware_hash.py gave the result that you got; are you sure you downloaded the binary file, as opposed to the HTML page for it?

This means, at minimum, that the firmware currently running on your Trezor is legit. (The hash check is not a 100% thing, but it would take a very determined attacker to subvert it.)

You are correct. I looked at the length of the hash and figured something must be wrong with the bin I downloaded. I re-downloaded using ‘trezorctl fw download’ and now I get the same hash.

So it is still possible, though, as you explained earlier, that it allowed me to download/install the updated firmware, yet behind the scenes still holds the compromised seed.

I still believe this to be the case. But how do I prove it? I will upload pictures of the unit, once I get a magnifying glass on it.

Thank you so much for helping with this, I truly appreciate it.

How can I create a ticket? I have looked through support but cannot find it.

Maybe someone who knew you had crypto visited your house and made copies of the seed phrase? Or you forgot you made a copy digitally somewhere?

I have no idea what else it could be, because your private keys never leave the Trezor device.

@dbcrypt Go to https://trezor.io/support and in the bottom right corner you can click on chat and create a ticket.

Can you please post up a picture of the hardware wallet?

Also, if you did update the firmware, this would, in theory, override even a fake wallet FW, hence making it impossible for a scammer to move the funds.

Remember, in this scenario the scammer knows the seed from the very start.

Ahh

So the scammer would keep a record of the pre-programmed SEED, sell the device, and just wait?

Would generating a new seed from the Trezor save the buyer?

Also I’m assuming a passphrase would save the buyer?