Ledger and Trezor are two names in the crypto universe synonymous with safety, so it is more than a little concerning that a team of three security experts has discovered four separate ways both devices can be hacked. The trio, going by the name wallet.fail, presented their results at the 35th Chaos Communication Congress in Leipzig in a presentation called “Poof goes your crypto”. The revelation of the potential exploits is sure to worry cryptocurrency holders who put their faith, and their fortunes, in these devices. We outline the four vulnerabilities below and how they can be exploited.
Supply Chain Attacks
This concept involves someone tampering with the device before it reaches the customer. This would mean the attacker has to have access to the device while it is going through the manufacturing process, with the group claiming that so-called security stickers are very easy to remove and replace. Ledger has in the past stated that they don’t use safety stickers but instead have a “cryptographic mechanism” in place that checks the integrity of the device on every boot. They also state that the “secure element chip” cannot be physically replaced or tampered with.
Bootloader Vulnerability
Wallet.fail claims that the Ledger Nano S contains a vulnerability in its bootloader (the piece of code that runs before any operating system starts), which someone with the requisite knowledge could modify to siphon off funds before the device boots. This would probably be delivered via a fake firmware update notification placed online where Ledger owners would see it. Ledger and Trezor therefore both recommend only downloading software from their official sites or apps.
Side-Channel Attacks
A side-channel attack is a little more complex and involves capturing radio signals emitted by the device and analyzing them to work out what has been sent to the display. The difficulty with this method for hackers is that they need to be in close proximity to the target device while it is being used, so unless your best friend is a side-channel hacker or you use your cold wallet in a public place, you are at minimal risk of a side-channel attack.
Chip-Level Vulnerability
Compromising the microcontroller in the Ledger and the Trezor will compromise the entire device, which is exactly what exploiting the chip-level vulnerability involves. Trezor claims they have patched their devices to guard against this, but the team claims it is still open to other similar attacks. Indeed, with some cheap computer hardware available from eBay, the team was able to compromise the Trezor microcontroller. This exploit is perhaps the least likely as it involves physical access to the device for an extended period of time, meaning that it would need to be borrowed or stolen first.
Practicing good security, such as only downloading firmware and software from official sources, never using your cold storage wallet in a public place, and keeping it in a hard-to-access location, should protect you from the majority of these hacks. Start treating your hardware wallet as if it is worth the amount of money you have stored on it and you will soon work out how vulnerable you are to the possibility of a serious hack.