Device-enforced confirmation to restore from a uSD backup

[Shift Crypto security announcements]

On January 4th, 2022, we identified a potential vulnerability in the BitBox02. Before the update released today in the app v4.31.0 bundling firmware v9.9.0, a compromised microSD card in conjunction with a maliciously altered BitBoxApp could have allowed an adversary to disguise a restore from the compromised microSD card as a new wallet initialization.

Today's release eliminates this attack scenario. The BitBox02 now always prompts an on-device confirmation to restore a wallet from a backup, displaying information sufficient to identify the backup on its screen.

Am I at risk?

This is a theoretical attack scenario with an associated low risk. We have identified this issue ourselves, there are no reports of lost funds, and we did not find any evidence that the vulnerability has been exploited. The scenario bears high costs of an exploit implementation compared to a reward.

Simply check the backup name following the regular procedure described on https://shiftcrypto.support/help/en-us/19-microsd-card/46-how-to-verify-my-microsd-card-wallet-backup. The expectation is that the wallet name set during initial setup is the same name as the backup. If you have questions, as always please contact us at sup...@shiftcrypto.ch.

The app update is available on https://shiftcrypto.ch/download/ or https://github.com/digitalbitbox/bitbox-wallet-app/releases/tag/v4.31.0. Remember to verify the checksum and the signature.

More info about this update is available at https://shiftcrypto.ch/blog/bitbox-01-2022-maighels-update/.