In this issue, we will use the TRON wallet as an example to explain the relevant knowledge of multi-signature phishing.

Author: SlowMist Security Team

Background

In the previous issue of Web3 Security Beginner's Guide to Avoiding Pitfalls, we mainly explained the risks of downloading/purchasing wallets, finding the genuine official website, verifying the authenticity of wallets, and the risk of leaking private keys/mnemonics. We often say "Not your keys, not your coins," but there are also situations where even if you have the private key/mnemonic, you cannot control your assets, such as when the wallet is maliciously multi-signed. Combining the forms we collected about MistTrack being stolen, some users' wallets were maliciously multi-signed, and they did not understand why there was still a balance in their wallet accounts but could not transfer the funds out. Therefore, in this issue, we will use the TRON wallet as an example to explain the relevant knowledge of multi-signature phishing, including multi-signature mechanism, hackers' common operations, and how to avoid wallets being maliciously multi-signed.

Multi-signature Mechanism

First, let's briefly explain what multi-signature is. The original intention of the multi-signature mechanism is to make the wallet more secure, allowing multiple users to jointly manage and control the access and usage permissions of the same digital asset wallet. Even if some managers lose or leak the private key/mnemonic, the assets in the wallet may not necessarily be damaged.

TRON's multi-signature permission system is designed with three different permissions: Owner, Witness, and Active, each with specific functions and purposes.

Owner Permission:

• Has the highest permission to execute all contracts and operations;
• Only those with this permission can modify other permissions, including adding or removing other signers;
• After creating a new account, the account defaults to having this permission.

Witness Permission:

This permission is mainly related to Super Representatives. Accounts with this permission can participate in the election and voting of Super Representatives and manage operations related to Super Representatives.

Active Permission:

Used for daily operations, such as transfers and calling smart contracts. This permission can be set and modified by the Owner permission and is commonly used to allocate to accounts that need to perform specific tasks. It is a collection of authorized operations (such as TRX transfers, asset pledging).

As mentioned above, when a new account is created, the address of the account will default to having the Owner permission (highest permission). The account can adjust the permission structure, choose which addresses to authorize the permission of the account, specify the size of the weights of these addresses, and set the threshold. The threshold refers to the weight that needs to be reached by the signing party to execute specific operations. In the figure below, the threshold is set to 2, and the weights of the three authorized addresses are all 1. Therefore, when performing specific operations, as long as there are confirmations from 2 signing parties, the operation can take effect.

(https://support.tronscan.org/hc/article_attachments/29939335264665)

Process of Malicious Multi-signature

After hackers obtain the user's private key/mnemonic, if the user does not use the multi-signature mechanism (i.e., the wallet account is controlled by the user alone), the hacker can authorize the Owner/Active permissions to their own address or transfer the user's Owner/Active permissions to themselves. Both of these operations by the hacker are commonly referred to as malicious multi-signature, but in fact, this is a broad term. In actuality, it can be distinguished based on whether the user still has the Owner/Active permissions:

Utilizing the Multi-signature Mechanism

In the figure below, the user's Owner/Active permissions have not been removed, and the hacker has authorized their own address with Owner/Active permissions. At this point, the account is jointly controlled by the user and the hacker (threshold is 2), with the weights of the user's address and the hacker's address both being 1. Although the user holds the private key/mnemonic and has Owner/Active permissions, they cannot transfer their assets because when the user initiates a request to transfer assets, both the user's and the hacker's addresses need to sign for the operation to be executed normally.

Although the execution of asset transfer operations for multi-signed accounts requires confirmation from multiple parties, incoming transactions to the wallet account do not require multi-party signatures. If the user does not have the habit of regularly checking the account's permission status or has not made recent outgoing transactions, they may not notice that the authorization of their wallet account has been changed, and thus, they continue to suffer losses. If there are not many assets in the wallet, the hacker may wait for the account to accumulate a certain amount of digital assets before stealing all the assets at once.

Utilizing TRON's Permission Management Design Mechanism

Another situation is when a hacker utilizes TRON's permission management design mechanism to directly transfer the user's Owner/Active permissions to the hacker's address (threshold remains at 1), causing the user to lose the Owner/Active permissions and even the "voting rights." It should be noted that in this case, the hacker is not using the multi-signature mechanism to prevent the user from transferring assets, but conventionally, this situation is also referred to as the wallet being maliciously multi-signed.

The results of the above two situations are the same. Regardless of whether the user still has Owner/Active permissions, they have lost actual control of the account, and the hacker's address has obtained the highest permission of the account, enabling them to change account permissions, transfer assets, and perform other operations.

Approaches of Malicious Multi-signature

Based on the forms collected by MistTrack, we have summarized several common reasons for wallets being maliciously multi-signed. We hope that users will be more vigilant when encountering the following situations:

1. When downloading a wallet, if the correct method is not found and a fake official website link sent via Telegram, Twitter, or by a friend is clicked, resulting in the download of a fake wallet, the private key/mnemonic may be leaked, and the wallet may be maliciously multi-signed.

2. Users input their private key/mnemonic on some phishing recharge websites that sell gas cards, gift cards, or VPN services, resulting in the loss of control over their wallet accounts.

3. During OTC transactions, someone with ill intentions captures the private key/mnemonic or obtains authorization for the account through certain means, and then the wallet is maliciously multi-signed, resulting in asset losses.

4. Some scammers provide you with a private key/mnemonic, claiming that they are unable to withdraw the assets from the wallet account, and offer to reward you if you can help. Although the wallet address corresponding to this private key/mnemonic does have funds, no matter how much fee you give or how fast you are, you cannot withdraw the funds because the withdrawal permission has been configured by the scammer to another address.

5. Another less common situation is when a user clicks on a phishing link on TRON, signs malicious data, and then the wallet is maliciously multi-signed.

Summary

In this guide, we mainly used the TRON wallet as an example to explain the multi-signature mechanism, the process and tactics of hackers implementing malicious multi-signature, hoping to help deepen everyone's understanding of the multi-signature mechanism and improve the ability to prevent wallets from being maliciously multi-signed. Of course, in addition to the situation of being maliciously multi-signed, there are also some special cases. Some novice users may mistakenly set the wallet to multi-signature due to careless operation or lack of understanding, resulting in the need for multiple signatures to make transfers. In this case, users only need to meet the multi-signature requirements or authorize the Owner/Active permissions to only one address in the permission management to restore single-signature capability.

Finally, the SlowMist Security Team recommends that users regularly check account permissions for any anomalies, download wallets from official sources, as we discussed in Web3 Security Beginner's Guide to Avoiding Pitfalls: Fake Wallets and Risks of Private Key/Mnemonic Leakage; avoid clicking on unknown links, and never enter private keys/mnemonics easily; install antivirus software (such as Kaspersky, AVG, etc.) and phishing risk blocking plugins (such as Scam Sniffer) to enhance device security.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。