Exploding Hezbollah pagers have bitcoiners worried, too


After thousands of Hezbollah members were reportedly injured, and some killed, due to exploding pager devices yesterday, bitcoiners have renewed their concerns about the long-standing risk of supply chain attacks on their hardware wallets.

Although official information is scarce, one theory being discussed is that Israel tampered with the pagers in a supply chain attack, which enabled it to detonate them. This has led to concerns among bitcoiners that a similar approach could be used against the hardware wallet industry.

For example, criminals could tamper with the components of these devices to gain access to private keys or special codes stored in the wallets, allowing them to steal bitcoin (BTC) or other crypto assets.

According to blockchain security specialist SlowMist, malicious software and code can be implanted at various stages in the software supply chain, including development tools, third-party libraries, cloud services, and software updates.

"Once these malicious elements are successfully injected, attackers can use them to steal digital assets and sensitive user information, disrupt system functionality, extort businesses, or spread malware on a large scale," they added.

In December 2023, some users of the Ledger hardware wallet experienced an attack that was also attributed to a supply chain vulnerability.

At the time, Ledger Connect Kit, a software library often used in other apps, was compromised and replaced with a drainer. For several hours, users of this library were exposed to malicious code that attempted to steal the data used to connect to their wallets and steal funds. This incident not only affected Ledger but also impacted other crypto projects.

As Jameson Lopp, co-founder and Chief Security Officer of Casa, a BTC and ethereum (ETH) custody solutions provider, noted back then, "this attack was a fascinating example of how, despite the widely distributed and decentralized nature of the crypto ecosystem, there are still single points of failure."

In that case, a single compromised (former) employee account put users' funds at risk due to the interconnected nature of widely adopted software libraries.
