Research Article
If I Had a Million Cryptos: Cryptowallet Application Analysis and a Trojan Proof-of-Concept
@INPROCEEDINGS{10.1007/978-3-030-05487-8_3, author={Trevor Haigh and Frank Breitinger and Ibrahim Baggili}, title={If I Had a Million Cryptos: Cryptowallet Application Analysis and a Trojan Proof-of-Concept}, proceedings={Digital Forensics and Cyber Crime. 10th International EAI Conference, ICDF2C 2018, New Orleans, LA, USA, September 10--12, 2018, Proceedings}, proceedings_a={ICDF2C}, year={2019}, month={1}, keywords={Cryptowallet Cryptocurrency Bitcoin Coinbase Android}, doi={10.1007/978-3-030-05487-8_3} }
- Trevor Haigh
Frank Breitinger
Ibrahim Baggili
Year: 2019
If I Had a Million Cryptos: Cryptowallet Application Analysis and a Trojan Proof-of-Concept
ICDF2C
Springer
DOI: 10.1007/978-3-030-05487-8_3
Abstract
Cryptocurrencies have gained wide adoption by enthusiasts and investors. In this work, we examine seven different Android cryptowallet applications for forensic artifacts, but we also assess their security against tampering and reverse engineering. Some of the biggest benefits of cryptocurrency is its security and relative anonymity. For this reason it is vital that wallet applications share the same properties. Our work, however, indicates that this is not the case. Five of the seven applications we tested do not implement basic security measures against reverse engineering. Three of the applications stored sensitive information, like wallet private keys, insecurely and one was able to be decrypted with some effort. One of the applications did not require root access to retrieve the data. We were also able to implement a proof-of-concept trojan which exemplifies how a malicious actor may exploit the lack of security in these applications and exfiltrate user data and cryptocurrency.