Researcher demonstrates how vulnerable Ledger Nano S wallets are to hacking
Cryptocurrency hardware wallet manufacturer Ledger can’t seem to catch a break.
Weeks after the company confirmed a flaw in its wallets which makes them susceptible to man-in-the-middle attacks, independent security researcher Saleem Rashid has demonstrated a new attack vector hackers can employ to break your Ledger Nano S and steal your precious coins – both physically and remotely.
“The vulnerability arose due to Ledger’s use of a custom architecture to work around many of the limitations of their Secure Element,” Rashid explains in a blog post. “An attacker can exploit this vulnerability to compromise the device before the user receives it, or to steal private keys from the device physically or, in some scenarios, remotely.”
The researcher has outlined at least three separate attack vectors, but his report focuses on the case of “supply chain attacks”, which do not require infecting target computers with additional malware, nor do they require the user to confirm any transactions.
As Rashid notes, the Nano S is equipped with two separate microcontroller units. One of the microcontrollers stores the private key and other confidential data, while the other one acts as its proxy to support its display function, buttons, and USB interface.
In the current setup, the former microcontroller can only communicate directly with the second unit, but the latter unit can communicate with peripherals on behalf of the former.
The problem, according to Rashid, is that unlike the former microcontroller which can perform cryptographic attestation to determine whether the device is running genuine Ledger firmware, the latter microcontroller has no way of confirming such information since it is non-secure.
The researcher points out the company has indeed implemented some mechanisms against hardware and software spoofing, but is quick to note that due to the non-secure nature of the latter microcontroller, the verification process is practically futile from the start.
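The trust-boundary problem described above can be modelled in a few lines. The following is an added illustration, not code from Rashid’s write-up or from Ledger: it stands in an HMAC over a firmware digest for the secure element’s attestation, uses constructed keys and firmware strings, and shows that a host-side verifier which checks only the secure element’s answer gets the same result whether the proxy microcontroller runs its original firmware or a modified one, because nothing about the proxy enters the attested measurement.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed values: stand-ins for the secrets and firmware images a real
# device would hold. None of these are Ledger's.
SE_ATTESTATION_KEY = b"constructed-secure-element-attestation-key"
GENUINE_SE_FIRMWARE = b"constructed genuine secure-element firmware"
GENUINE_MCU_FIRMWARE = b"constructed genuine proxy-MCU firmware"
MODIFIED_MCU_FIRMWARE = b"constructed modified proxy-MCU firmware"


def measure(firmware: bytes) -> bytes:
    """Firmware measurement: a SHA-256 digest of the image."""
    return hashlib.sha256(firmware).digest()


@dataclass
class SecureElement:
    """Holds the attestation key and can only talk to the proxy MCU."""
    firmware: bytes
    key: bytes = SE_ATTESTATION_KEY

    def attest(self, challenge: bytes) -> bytes:
        # Binds the host's challenge to the SE's *own* firmware measurement.
        # The proxy MCU's firmware is not part of this computation.
        msg = measure(self.firmware) + challenge
        return hmac.new(self.key, msg, hashlib.sha256).digest()


@dataclass
class ProxyMcu:
    """Non-secure MCU: owns USB, display and buttons and relays to the SE."""
    se: SecureElement
    firmware: bytes

    def forward_attestation(self, challenge: bytes) -> bytes:
        # Relays the challenge and returns the SE's response unchanged.
        # Any proxy firmware can do this, so the response cannot reveal
        # which proxy firmware is actually running.
        return self.se.attest(challenge)


def verify_se_attestation(challenge: bytes, response: bytes) -> bool:
    """Host-side check: does the response match a genuine SE firmware?"""
    expected_msg = measure(GENUINE_SE_FIRMWARE) + challenge
    expected = hmac.new(SE_ATTESTATION_KEY, expected_msg, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)


def build_device(mcu_firmware: bytes) -> ProxyMcu:
    """A device with a genuine SE and the given proxy-MCU firmware."""
    return ProxyMcu(se=SecureElement(firmware=GENUINE_SE_FIRMWARE),
                    firmware=mcu_firmware)


def attestation_distinguishes_proxy(challenge: bytes) -> bool:
    """True only if the verifier's verdict depends on the proxy firmware."""
    genuine = build_device(GENUINE_MCU_FIRMWARE).forward_attestation(challenge)
    modified = build_device(MODIFIED_MCU_FIRMWARE).forward_attestation(challenge)
    return (verify_se_attestation(challenge, genuine)
            != verify_se_attestation(challenge, modified))


if __name__ == "__main__":
    chal = b"constructed host challenge"
    for fw in (GENUINE_MCU_FIRMWARE, MODIFIED_MCU_FIRMWARE):
        dev = build_device(fw)
        ok = verify_se_attestation(chal, dev.forward_attestation(chal))
        print(f"proxy firmware {fw!r}: SE attestation verifies = {ok}")
    print("verdict depends on proxy firmware:",
          attestation_distinguishes_proxy(chal))
```

The check does what it is designed to do: a secure element running a different firmware image fails verification. What it cannot do is say anything about the component that sits between the host and the secure element and draws the screen the user reads, which is the gap the article describes.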
This means that non-technical users are stuck with a device susceptible to attacks, but have no easy way of confirming their device hasn’t been tampered with. What is worse is that Ledger does not provide tamper-proof packaging, on the grounds that its devices are built to prevent any such interception or spoofing.
“Since the attacker controls the trusted display and hardware buttons, it is astonishingly difficult to detect and remove a well-written exploit from the device,” he wrote.
Rashid has since uploaded a video demo as a proof of concept; you can watch the footage here.
While CEO Eric Larchevêque has downplayed the severity of the vulnerability in comments on Reddit, Ledger has since released a firmware update (1.4.1) that mitigates the architecture shortcomings of the Nano S. You can grab the patch here.
In fact, Rashid himself has urged users to get the update as soon as possible.
Rashid further warns that the new Ledger Blue, which functions identically to the Nano S, has yet to get a firmware update. For what it’s worth, the researcher is first to admit that he hasn’t had a chance to look into Blue’s architecture in depth – so there is a chance the device is not vulnerable to this exploit.
This is at least the second time the French cryptocurrency wallet manufacturer has come under fire for the deficient security of its devices. A few weeks back we wrote about a flaw in Ledger hardware wallets which makes it possible to infect the devices with malware designed to trick users into unknowingly sending their cryptocurrency to hackers.
While the company ultimately confirmed the issue, it added there is “no evidence that anyone in the Ledger community was impacted by this issue.”
It then went on to downplay the severity of the attack vector, arguing that the issue “is an industry wide issue.”
“All hardware wallets are affected,” a Ledger spokesperson told TNW over email back then. “This is not a vulnerability of the device, but a reminder about the fact you cannot trust what you see on the screen of your computer.”
We reached out to Ledger for further comment, but the company could not provide us with a written statement at the time of writing. We will update this piece with their statement as soon as we hear back from them.
In the meantime, those curious about all the little technical details behind the vulnerability disclosure can peruse the full report on Rashid’s official blog here.
Update: Ledger chief security officer Charles Guillemet has since disputed some of the claims made by Rashid.
“The Ledger Nano architecture is built around a secure element: a secure chip,” he told us over email. “A microcontroller is also in charge of the USB proxy, and of interacting with the buttons and screen. The authentication of the microcontroller is performed by the secure chip.”
“Saleem’s proof of concept is that a scammer reseller who gets access to the device physically before it is set up by the user could potentially load a malicious firmware on the microcontroller, allowing to fool the user during its onboarding process,” he further added.
Guillemet also clarified that Ledger distributes most of its devices via “professional resellers.”
“We’re selling a majority of our devices directly. As for our official resellers, they are selected amongst professional resellers and screened based on a thorough KYC process including their technical expertise in cryptocurrencies,” Guillemet said.
He further claimed that “Ledger devices are based on a secure element, the secure chip, the same one that protects passports or credit cards,” adding that firmware update (1.4.1) eliminates the vulnerability.
For the record, Rashid insists that while the firmware does indeed mitigate the risks involved, there might be a chance the vulnerability could still be exploited.
After Google and Facebook, Twitter is planning to kill cryptocurrency ads too
Following in the footsteps of Facebook and Google, Twitter is also contemplating banning all cryptocurrency advertising from its platform.
The updated advertising policy stands to prohibit promotional content for initial coin offerings (ICO), token sales, and cryptocurrency wallets globally, according to a report from Sky News. The new rules might come into power as early as the first week of April.
It remains unclear precisely how restrictive the updated policy will be for digital currencies, but Twitter is purportedly considering outlawing advertisements for cryptocurrency exchange desks too – though the microblogging service might allow for some exceptions in the beginning.
The move comes only a week after Google vowed to take similar measures, revealing that it will nix all cryptocurrency-related ads from its AdWords platform starting from June. For the record, the Big G clarified the crypto-ad ban fits within its larger mission to thwart malicious advertising. It further added it has purged nearly 3.2 million “bad ads” from its services in 2017 alone.
Facebook argued that banning cryptocurrency ads makes sense as such content is “frequently associated with misleading or deceptive promotional practices.” Though we later found out that some ads still slipped through the cracks.
With this in mind, Twitter would have seemed like a logical alternative for cryptocurrency startups with lofty marketing budgets. But it appears that akin to Facebook and Google, the company wants none of the controversy and volatility inherent to the blockchain space.
For context, experts suggest that Google and Facebook account for the lion’s share of all ad revenue worldwide, scooping about 63 percent of all ad money spent in the US. By contrast, Twitter purportedly attracts a measly one percent of ad revenue – though it could’ve used this opportunity to score some new business.
Factoring in the rampant spread of fraudulent projects in the blockchain industry, it’s difficult to criticize Twitter for taking a cautious approach to cryptocurrencies.
But the conundrum remains: with all that cash around, who are cryptocurrency startups going to turn to for advertising?
Now that Google, Facebook, and Twitter are all out, the most logical alternative is the media. The only question is whether cryptocurrency marketers will prefer to walk through the main entry (and work out sponsored agreements with selected outlets) – or take the back door and keep things behind closed curtains.
Even though blockchain and cryptocurrency might not be perfect yet, we’re exploring the possibilities at TNW Conference 2018. Find more info here.
With $417K, EOS accounts for two-thirds of all cryptocurrency bug bounties in 2018
As interest, adoption, and venture funding in blockchain tech continue to rise, so do attacks from hackers. In an effort to counteract potential threats, a growing list of startups in the cryptocurrency space have opted to launch programs that invite hackers to disclose vulnerabilities responsibly – instead of exploiting them for personal gain. And data suggests the strategy is working.
The total number of blockchain companies with active vulnerability disclosure programs has almost doubled since last year, according to HackerOne stats shared exclusively with Hard Fork. The stats also suggest the overall number of vulnerability submissions for blockchain companies is on track to double in 2018.
HackerOne refrained from sharing the exact number for this year, but there are more than 3,000 blockchain-related vulnerability submissions on its platform in total.
Additionally, the data shows that compared to last year, the total sum of bounties handed out by blockchain firms has jumped more than 500 percent, from $90,000 in 2017 to almost $600,000 in 2018 – and we still have a few months to go. You can thank Block.one and the nightmarish launch of the EOS blockchain for that.
As far as blockchain companies go, EOS leads the all-time charts, with more than $417,000 awarded since the launch of its bug bounty program in May. Indeed, $120,000 of the prize money was claimed by one single (white-hat) hacker.
Exchange desk giant Coinbase surfaces as the all-time runner-up, having shelled out over $281,000 in bug bounties. The main difference here is that unlike EOS which got on HackerOne a few months ago, Coinbase has been disclosing flaws on HackerOne since March 2014.
Interestingly, the third and fourth biggest companies based on bug bounty rewards are Blockchain and Augur. However, with $13,950 and $9,700 handed out in disclosure rewards, both are trailing significantly behind EOS and Coinbase.
In fact, the sheer volume of bounties given out by EOS seems to have increased the average bounty prize from $300 last year to $2,100 in 2018. Singling out EOS-issuer Block.one and its hefty rewards, HackerOne chalks up the spike in bounty prizes to the willingness of companies to launch programs with more competitive rewards.
While it is somewhat disturbing to find such a large number of kinks in decentralized software, the move towards launching programs that encourage responsible bug disclosure in the cryptocurrency space is a desired trend – even more so because lost funds on the blockchain are usually impossible to recover.
While vulnerabilities are by no means limited strictly to decentralized apps, blockchain tech comes with some unique challenges. Unlike centralized solutions, most distributed ledgers are immutable. Once information is recorded, it is impossible to reverse it (hence why you see so many forced hard forks in emergency situations).
Blockchains’ immutability features can certainly play an important role in eliminating surreptitious tampering in certain cases, but when money is involved – it becomes a liability of its own. Bug bounty programs not only offer hackers an alternative avenue to outright exploiting (and cashing in on) flaws, but they also hold companies more accountable.
“For cryptocurrency and more broadly blockchain technologies and companies to grow and prosper, on-going security vetting by independent hackers is a must,” HackerOne CEO Marten Mickos told Hard Fork. “With a large community of hackers looking for security vulnerabilities, there is a real chance of finding and fixing the weaknesses in time.”
Hopefully, this new-found focus on security can help the blockchain space bring down the $761 million worth of cryptocurrency that was lost to hackings and thefts in 2018.
Meanwhile, if you’re looking for a big payday: Augur’s $200,000 bug bounty for critical issues is still up for grabs. But are you up to the task?