Hardware wallet Ledger Nano S was broken in by a teenage security expert, Saleem Rashid, who located a problem with the “tamper-free” wallet.
The story started on Nov. 2017, when Rashid conveyed a shortcoming to Ledger CTO, Nicolas Bacca, which could let attackers steal sums of money from wallet users.
Rashid had noticed that the microcontroller active in the wallet was not safe. Although it permitted the use of buttons and displays to input data, it was linked as a proxy to the Secure Element (SE). The latter comprised of private keys which implied that a hacker could trick the SE in different techniques. Here’s how: vendors and resellers could alter microcontroller’s firmware which, now conceded, could authenticate its ‘identity’ to the SE.
He further enlightened that the attacker could take control of the user interface and use their malicious code to set chance to zero and add a retrieval seed of their personal choice. Rashid selected the word ‘abandon’ to demonstrate his point in an uploaded video. Now that the invader had the mnemonic slogan, they could acquire the private keys easily.
Rashid realized that the flaw was not taken seriously by the team after he had sent the study to Ledger. Nonetheless, they did broadcast a firmware update on Mar. 6, which was deeply criticized by Rashid. He published his opinions on Twitter, as he trusted that the team should either have published it as a critical update or camouflaged it so that hackers did not get time to use this trick.
As one of the security researchers, I encourage you to update now. This article does not emphasize enough how dangerous this issue can be.
On the 20th of March, Ledger broadcasted another update that clarified three glitches discovered by bounty program investigators: Timothée Isnard, Saleem Rashid, and Sergei Volokitin. Remarkably, Rashid refuted this statement because the validation of Ledger’s Bounty Program Agreement would ban him from broadcasting a technical report, which he evidently did on the very same day.
As for the new updates, Rashid clarified that he was not permitted to receive the ‘release candidate’ by the business, but he supposed that the new fixes were not absolutely free from hacker attacks.