Cryptocurrency hardware wallet manufacturer Ledger can’t seem to catch a break.
Weeks after the company confirmed a flaw in its wallets which makes them susceptible to man-in-the-middle-attacks, independent security researcher Saleem Rashid has demonstrated a new attack vector hackers can employ to break your Ledger Nano S and steal your precious coins – both physically and remotely.
“The vulnerability arose due to Ledger’s use of a custom architecture to work around many of the limitations of their Secure Element,” Rashid explains in a blog post. “An attacker can exploit this vulnerability to compromise the device before the user receives it, or to steal private keys from the device physically or, in some scenarios, remotely.”
The researcher has outlined at least three separate attack vectors, but his report focuses on the case of “supply chain attacks” which do not require infecting target computers with additional malware, nor do they insist on the user to confirm any transactions.
As Rashid notes, the Nano S is equipped with two separate microcontroller units. One of the microcontrollers stores the private key and other confidential data, while the other one acts as its proxy to support its display function, buttons, and USB interface.
In the current setup, the former microcontroller can only communicate directly to the second unit, but the latter unit can communicate with peripherals on behalf of the former.
The problem, according to Rashid, is that unlike the former microcontroller which can perform cryptographic attestation to determine whether the device is running genuine Ledger firmware, the latter microcontroller has no way of confirming such information since it is non-secure.
The researcher points out the company has indeed implemented some mechanisms against hardware and software spoofing, but is quick to note that due to the non-secure nature of the latter microcontroller, the verification process is practically futile from the start.
This means that non-technical users are stuck with a device susceptible to attacks, but have no easy way of confirming their device hasn’t been tampered with. What is worse is that Ledger does not provide tamper-proof packaging because its devices are built to prevent any such interception or spoofing.
“Since the attacker controls the trusted display and hardware buttons, it is astonishingly difficult to detect and remove a well-written exploit from the device,” he wrote.
Rashid has since uploaded a video demo as a proof of concept, you can watch the footage here.
While CEO Eric Larchevêque has downplayed the severity of the vulnerability in comments on Reddit, Ledger has since released a firmware update (1.4.1) that mitigates the architecture shortcomings of the Nano S. You can grab the patch here.
In fact, Rashid himself has urged users to get the update as soon as possible.
As one of the security researchers, I urge to update now. This article doesn't make it clear enough how dangerous this issue can be.
Potential issues include compromised recovery seed generation or private key extraction. https://t.co/Z2WGFZnFAA
— Saleem Rashid (@spudowiar) March 6, 2018
Rashid further warns that the new Ledger Blue, which functions identically to the Nano S, has yet to get a firmware update. For what it’s worth, the researcher is first to admit that he hasn’t had a chance to look into Blue’s architecture in depth – so there is a chance the device is not vulnerable to this exploit.
This is at least the second time the French cryptocurrency wallet manufacturer has come under fire for the deficient security of its devices. A few weeks back we wrote about a flaw in Ledger hardware wallets which makes it possible to infect the devices with malware designed to trick users into unknowingly sending their cryptocurrency to hackers.
While the company ultimately confirmed the issue, it added there is “no evidence that anyone in the Ledger community was impacted by this issue.”
It then went on to downplay the severity of the attack vector, arguing that the issue “is an industry wide issue.”
“All hardware wallets are affected,” a Ledger spokesperson told TNW over email back then. “This is not a vulnerability of the device, but a reminder about the fact you cannot trust what you see on the screen of your computer.”
We reached out to Ledger for further comment, but the company could not provide us with a written statement at the time of writing. We will update this piece with their statement as soon as we hear back from them.
In the meantime, those curious about all the little technical details behind the vulnerability disclosure can peruse the full report on Rashid’s official blog here.
Update: Ledger chief security officer Charles Guillemet has since disputed some of the claims made by Rashid.
“The Ledger Nano architecture is built around a secure element: a secure chip,” he told us over email. “A microcontroller is also in charge of the USB proxy, and of interacting with the buttons and screen. The authentication of the microcontroller is performed by the secure chip.”
“Saleem’s proof of concept is that a scammer reseller who gets access to the device physically before it is set up by the user could potentially load a malicious firmware on the microcontroller, allowing to fool the user during it onboarding process,” he further added.
Guillemet also clarified that Ledger distributes most of its devices via “professional resellers.”
“We’re selling a majority of our devices directly. As for our official resellers, they are selected amongst professional resellers and screened based on a thorough KYC process including their technical expertise in cryptocurrencies,” Guillemet said.
He further claimed that the “Ledger devices are based on a secure element, the secure chip, the same one that protects passports or credit cards, adding that firmware update (1.4.1) eliminates the vulnerability.
For the record, Rashid insists that while the firmware does indeed mitigate the risks involved, there might be a chance the vulnerability could still be exploited.
Published March 20, 2018 — 16:40 UTC