Ledger cryptocurrency hardware wallets have been found to be vulnerable, a teenage security researcher revealed in a blog post. The 15-year-old Saleem Rashid discovered the bug that allowed attackers to fabricate the device’s seed generation, and this way harvest any funds stored in addresses produced from this seed. “The vulnerability arose due to Ledger’s use of a custom architecture to work around many of the limitations of their Secure Element”, Rashid explained.
How can this vulnerability be exploited?
An attacker can leverage the flaw to compromise the device before the user receives it, the young researcher said. An attacker can also steal private keys from the device physically or even remotely.
The first scenario is physical access before the seed has been set up, which is known as a supply chain attack. This type of attack typically doesn’t need malware initially installed on the targeted system, and it doesn’t need the user to confirm any transactions. The researcher was able to demonstrate this attack on a real Ledger Nano S. He went further and sent the source code to Ledger so that the company could reproduce it.
More specifically, a supply chain attack is when a bad actor installs malicious firmware on a Ledger device and then sells it on a third-party marketplace like Amazon or eBay. And this is not an unlikely scenario, as users often buy devices from third-party retailers. As to why users are willing to take this risk – hardware wallet manufacturers are often unable to produce enough devices to keep up with the growing demand and run out of stock.
The vulnerability can also be exploited with physical access after setup. This type of compromise enables the attacker to extract the PIN, the recovery seed and any BIP-39 passphrases that have been used. The only condition is that the device has been used at least once before the actual attack.
This type of attack also doesn’t need malware pre-installed on the machine, and it doesn’t require the user to confirm any transactions. The only thing needed is for the attacker to install a custom MCU firmware that exfiltrates the private keys without the user’s knowledge.
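To make concrete what is at stake when the recovery seed and passphrase leave the device, here is an added example (not code from the article, from Rashid or from Ledger) of the standard BIP-39 and BIP-32 derivation steps: the wallet’s master private key is a deterministic function of the mnemonic words and the passphrase alone, so anyone who extracts both recomputes it exactly. The mnemonic and passphrase used as input are the public BIP-39 reference vector, embedded here as constructed sample data; the function names are this example’s own.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample input: the public BIP-39 reference vector, not values from the article.
MNEMONIC = ("abandon abandon abandon abandon abandon abandon "
            "abandon abandon abandon abandon abandon about")
PASSPHRASE = "TREZOR"


def bip39_seed(mnemonic, passphrase=""):
    """BIP-39: seed = PBKDF2-HMAC-SHA512(mnemonic, "mnemonic" + passphrase, 2048 rounds, 64 bytes).

    Both strings are NFKD-normalised before hashing, as the specification requires.
    The passphrase is only a salt: it extends the secret but is not stored anywhere,
    which is why the device has to receive it from the user, and why firmware that
    controls the device can capture it.
    """
    pwd = unicodedata.normalize("NFKD", mnemonic).encode("utf-8")
    salt = ("mnemonic" + unicodedata.normalize("NFKD", passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", pwd, salt, 2048, dklen=64)


def bip32_master(seed):
    """BIP-32: HMAC-SHA512 keyed with the constant "Bitcoin seed".

    The left 32 bytes are the master private key, the right 32 bytes the chain code.
    Every account and address key in the wallet is derived from these two values.
    """
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]


def derive_wallet(mnemonic, passphrase=""):
    """Return the full root secret as hex strings: seed, master key, chain code.

    No randomness is involved anywhere below the mnemonic, so a party who has
    extracted the seed words and the passphrase obtains exactly this output.
    """
    seed = bip39_seed(mnemonic, passphrase)
    master_key, chain_code = bip32_master(seed)
    return {
        "seed": seed.hex(),
        "master_key": master_key.hex(),
        "chain_code": chain_code.hex(),
    }


def passphrase_changes_wallet(mnemonic, passphrase):
    """True when the passphrase actually yields a different wallet than the bare mnemonic.

    This is the property that makes a passphrase a second secret; it offers no
    protection once the passphrase itself has been captured alongside the seed.
    """
    return derive_wallet(mnemonic, "") != derive_wallet(mnemonic, passphrase)


if __name__ == "__main__":
    wallet = derive_wallet(MNEMONIC, PASSPHRASE)
    print("seed       :", wallet["seed"])
    print("master key :", wallet["master_key"])
    print("chain code :", wallet["chain_code"])
    print("passphrase alters wallet:", passphrase_changes_wallet(MNEMONIC, PASSPHRASE))
```

The derivation explains the severity of the second scenario described above: the device’s only job is to keep the mnemonic and passphrase inside the secure element, because everything downstream is public, deterministic arithmetic. A detection or recovery plan should therefore treat any suspected MCU firmware tampering as full key exposure and move funds to a wallet generated on a trusted device, rather than relying on the passphrase as a fallback.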
And finally, the vulnerability can be leveraged in a malware attack that may be carried out with the help of social engineering techniques. In this scenario, the user would have to update the MCU firmware on an infected machine. How can this happen? By displaying an error message that prompts the user to reconnect the device with the left button held down (to enter the MCU bootloader). Then the malware can update the MCU with malicious code, allowing the malware to take control of the trusted display and confirmation buttons on the device, the researcher explained.
This type of attack can be quite “fruitful” if it is deployed when a legitimate firmware update is released.
How did Ledger respond?
Ledger executives seem to have had an argument with Rashid on social media after the firmware update was released. The CEO of Ledger, Éric Larchevêque, even said that the young researcher exaggerated the severity of the flaw, claiming that:
The vulnerability reported by Saleem requires physical access to the device BEFORE setup of the seed, installing a custom version of the MCU firmware, installing a malware on the target’s computer and have him confirm a very specific transaction.
Here’s Rashid’s response to this:
I am puzzled as to where this claim could have originated from. From later contact with Ledger, I was informed that the CEO had not at all been briefed on the security vulnerability when they made these comments on Reddit. […] there are three methods to exploit this vulnerability, none of which require conditions as unlikely as those.