Written by: SlowMist Security Team
background
In the previous issue of Web3 Security Beginner's Guide to Avoiding Pitfalls, we mainly explained the risks when downloading/purchasing wallets, how to find the real official website and verify the authenticity of the wallet, and the risk of private key/mnemonic leakage. We often say "Not your keys, not your coins", but there are also situations where even if you have a private key/mnemonic, you cannot control your assets, that is, the wallet has been maliciously multi-signed. Combined with the MistTrack theft form we collected, some users' wallets were maliciously multi-signed and they didn't understand why they still had a balance in their wallet accounts but couldn't transfer the funds out. Therefore, in this issue, we will take the TRON wallet as an example to explain the relevant knowledge of multi-signature phishing, including the multi-signature mechanism, the hacker's routine operations, and how to avoid malicious multi-signatures on wallets.
Multi-signature mechanism
Let us first briefly explain what multi-signature is. The original intention of the multi-signature mechanism is to make the wallet more secure, allowing multiple users to jointly manage and control the access and use rights of the same digital asset wallet. Even if some managers lose or leak private keys/mnemonics, the assets in the wallet will not necessarily be damaged.
TRON's multi-signature permission system is designed with three different permissions: Owner, Witness, and Active, each with specific functions and uses.
Owner permissions:
Have the highest authority to execute all contracts and operations;
Only users with this permission can modify other permissions, including adding or removing other signers;
After creating a new account, the account itself has this permission by default.
Witness permissions:
This permission is mainly related to Super Representatives. Accounts with this permission can participate in the election and voting of Super Representatives and manage operations related to Super Representatives.
Active permissions:
Used for daily operations, such as transfers and calling smart contracts. This permission can be set and modified by the Owner permission and is often assigned to accounts that need to perform specific tasks. It is a collection of several authorized operations (such as TRX transfers and pledged assets).
As mentioned above, when a new account is created, the address of the account will have Owner permissions (the highest permissions) by default. You can adjust the permission structure of the account, choose which addresses to authorize the permissions of the account, specify the weight of these addresses, and set the threshold. The threshold refers to the weight of the signatory to perform a specific operation. In the figure below, the threshold is set to 2, and the weights of the three authorized addresses are all 1. Then, when performing a specific operation, as long as there is confirmation from two signatories, the operation will take effect.
(https://support.tronscan.org/hc/article_attachments/29939335264665)
Malicious multi-signing process
After the hacker obtains the user's private key/mnemonic, if the user does not use the multi-signature mechanism (that is, the wallet account is controlled by only one user), the hacker can authorize the Owner/Active permissions to his own address or transfer the Owner/Active permissions of the user to himself. These two operations of the hacker are usually referred to as malicious multi-signature, but this is actually a broad term. In fact, it can be distinguished based on whether the user still has Owner/Active permissions:
Using multi-signature mechanism
In the figure below, the user's Owner/Active permissions have not been removed, and the hacker has authorized Owner/Active permissions to his own address. At this time, the account is controlled by both the user and the hacker (the threshold is 2), and the weights of the user's address and the hacker's address are both 1. Although the user holds the private key/mnemonic and has Owner/Active permissions, he cannot transfer his assets because when the user initiates a transfer request, both the user and the hacker's address need to sign for the operation to be executed normally.
Although the multi-signed account needs to be confirmed by multiple signatures to transfer assets, it does not require multiple signatures to deposit funds into the wallet account. If the user does not have the habit of regularly checking the account permissions or has not made any transfers recently, he or she will generally not find that the authorization of his or her wallet account has been changed, and the damage will continue. If there are not many assets in the wallet, the hacker may play the long game and wait for the account to accumulate a certain amount of digital assets before stealing all the digital assets at once.
Utilize TRON’s permission management design mechanism
Another situation is that hackers use TRON's permission management design mechanism to directly transfer the user's Owner/Active permissions to the hacker's address (the threshold is still 1), causing the user to lose Owner/Active permissions and even "voting rights". It should be noted that the hacker here does not use the multi-signature mechanism to prevent users from transferring assets, but people usually call this situation malicious multi-signature of the wallet.
The results of the above two situations are the same. Regardless of whether the user still has Owner/Active permissions, he or she has lost actual control over the account. The hacker address has obtained the highest permissions of the account and can perform operations such as changing account permissions and transferring assets.
Malicious multi-signing methods
Combining the stolen forms collected by MistTrack, we have summarized several common reasons why wallets are maliciously multi-signed. We hope that users will be more vigilant when encountering the following situations:
1. When downloading the wallet, the correct path was not found, and the fake official website link sent by Telegram, Twitter, and netizens was clicked, and the wallet was downloaded to a fake wallet. As a result, the private key/mnemonic phrase was leaked and the wallet was maliciously multi-signed.
2. Users entered their private keys/mnemonics on phishing recharge websites that sell gas cards, gift cards, and VPN services, and as a result, lost control of their wallet accounts.
3. During OTC transactions, someone may take a photo of the private key/mnemonic phrase or use some other means to obtain the account authorization, and then the wallet may be maliciously multi-signed, causing the assets to be damaged.
4. Some scammers provide you with the private key/mnemonic phrase, saying that they cannot withdraw the assets in the wallet account, and they will reward you if you can help. Although the wallet address corresponding to this private key/mnemonic phrase does have funds, no matter how much handling fee you pay or how fast you move, you cannot withdraw the funds because the withdrawal permission has been configured by the scammer to another address.
5. Another rare situation is that the user clicked on a phishing link on TRON, signed malicious data, and then the wallet was maliciously multi-signed.
Summarize
In this guide, we mainly use the TRON wallet as an example to explain the multi-signature mechanism, the process and routines of hackers implementing malicious multi-signatures, hoping to help everyone deepen their understanding of the multi-signature mechanism and improve their ability to prevent wallets from being maliciously multi-signed. Of course, in addition to the situation of malicious multi-signatures, there are also some special cases. Some novice users may mistakenly set their wallets to multi-signatures due to careless operation or lack of understanding, resulting in multiple signatures required for transfers. At this time, the user only needs to meet the multi-signature requirements or authorize the Owner/Active permission to only one address in the permission management, and restore the single signature.
Finally, the SlowMist security team recommends that users check account permissions regularly to see if there are any abnormalities; download wallets from official channels. We have talked about how to find the correct official website and verify the authenticity of wallets in the Web3 Security Getting Started Guide | Fake Wallets and Private Key Mnemonic Leakage Risks; do not click on unknown links, and do not easily enter private keys/mnemonics; install anti-virus software (such as Kaspersky, AVG, etc.) and phishing risk blocking plug-ins (such as Scam Sniffer) to improve device security.