Topic: Ledger Nano X under supply chain attacks (Read 186 times)

newbie
Activity: 23
Merit: 853
July 11, 2020, 10:23:10 AM
#8
Yeah, Ledger Nano S is also vulnerable if it is physically accessed by a cracker: https://wallet.fail/wallets/nanos/
Again, you should point out that this has already been addressed.

The F00DBABE issue allowed an attacker to place custom software on the microcontroller unit (MCU), which allowed them to do things such as run snake on the Ledger Nano S. What it didn't allow them to do, however, was to access any of the data stored on the secure element, which is where your private keys are stored, since their custom software would fail the authentication process. No one was ever able to demonstrate stealing private data or a loss of funds from this issue. Regardless, it has since been patched: https://www.ledger.com/ledger-releases-a-new-nano-s-firmware-update/

Sure, it was patched, but "Edisons" are enough in this world, so better to be safe than sorry when buying a "new" Ledger... and then... are you certain all those devices "updated by resellers" are not maliciously modified? I'm not... better to wait for the next update and do it yourself.
newbie
Activity: 23
Merit: 853
Kraken Labs is doing a good job exposing stuff like this.
I wonder whether that attack is also possible on the Ledger Nano S.
Ledger released a firmware update only for the Nano X version, and they also released an update for the LedgerLive application.

Yeah, Ledger Nano S is also vulnerable if it is physically accessed by a cracker: https://wallet.fail/wallets/nanos/
I consider that everything said leads to the following conclusion: to be on the safe side, it is mandatory to buy them directly from the manufacturer. I bought mine from the official distributor, and even in my case (after receiving the device) I opened its body and checked the inside wiring, soldering and elements by comparing them with the pictures published on the official support page: https://support.ledger.com/hc/en-us/articles/115005321449-Check-hardware-integrity In confidence, even after that was done I didn't use it until the new firmware was released and my wallet was upgraded.
legendary
Activity: 2268
Merit: 18509
Yeah, Ledger Nano S is also vulnerable if it is physically accessed by a cracker: https://wallet.fail/wallets/nanos/
Again, you should point out that this has already been addressed.

The F00DBABE issue allowed an attacker to place custom software on the microcontroller unit (MCU), which allowed them to do things such as run snake on the Ledger Nano S. What it didn't allow them to do, however, was to access any of the data stored on the secure element, which is where your private keys are stored, since their custom software would fail the authentication process. No one was ever able to demonstrate stealing private data or a loss of funds from this issue. Regardless, it has since been patched: https://www.ledger.com/ledger-releases-a-new-nano-s-firmware-update/
legendary
Activity: 2268
Merit: 18509
It's worth pointing out that this was disclosed to Ledger a few months ago, and so it has already been fixed. You can see their response here: https://donjon.ledger.com/lsb/013/

If you already have a Ledger Nano X, the most recent update fixes this vulnerability, and all new Ledger Nano X devices produced have the debug interface disabled.

I also think the "Rubber Ducky" attack is a bit of a non-story. A malicious third party could open a Ledger Nano X device (or literally any piece of USB hardware in existence, from a webcam to a keyboard to a flash drive to a mug warmer), strip out the internals, leave behind a BadUSB-type device, and close it back up again. As long as the casing looks intact, most users would plug the device in without a second thought, and therefore fall victim to the attack.
legendary
Activity: 2212
Merit: 7064
Kraken Labs is doing a good job exposing stuff like this.
I wonder whether that attack is also possible on the Ledger Nano S.
Ledger released a firmware update only for the Nano X version, and they also released an update for the LedgerLive application.
legendary
Activity: 1624
Merit: 2481
Supply chain attacks are a risk for both Ledger and Trezor HW wallets.

Even without the enabled JTAG interface, there is a risk of getting a compromised hardware wallet.
Inserting a hardware implant was possible all the time. And with such an implant, you'd be able to (for example) trigger the button press to confirm a transaction with radio waves. 

While the enabled JTAG interface poses some new concrete attacks, the supply chain has always been a possible (and not that realistic) attack vector.
newbie
Activity: 23
Merit: 853
.