Slashdot Mirror


A 15-Year-Old Hacked the Secure Ledger Crypto Wallet (techcrunch.com)

An anonymous reader quotes a report from TechCrunch: A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs before or after the device was shipped. The holes, which Rashid described on his blog, allowed for both a "supply chain attack" -- meaning a hack that could compromise the device before it was shipped to the customer -- and another attack that could allow a hacker to steal private keys after the device was initialized. The Ledger team described the vulnerabilities as dangerous but avoidable. For the "supply chain attack," they wrote: "by having physical access to the device before generation of the seed, an attacker could fool the device by injecting his seed instead of generating a new one. The most likely scenario would be a scam operation from a shady reseller." "If you bought your device from a different channel, if this is a second hand device, or if you are unsure, then you could be victim of an elaborate scam. However, as no demonstration of the attack in the real has been shown, it is very unlikely. In both cases, a successful firmware update is the proof that your device has never been compromised," wrote the team.

Further, the post-purchase hack "can be achieved only by having physical access to the device, knowing your PIN code and installing a rogue unsigned application. This rogue app could break isolation between apps and access sensitive data managed by specific apps such as GPG, U2F or Neo." Ledger CEO Eric Larcheveque claimed that there were no reports of the vulnerability effecting any active devices. "No one was compromised that we know of," he said. "We have no knowledge that any device was affected." Rashid, for his part, was disappointed with the speed Ledger responded to his claims.

68 comments

  1. Re by Anonymous Coward · · Score: 0

    I've been reading his Twitter for a while. Smart kid :)

    1. Re:Re by Mr0bvious · · Score: 3

      There are far simpler attacks and plenty of fools out there to fall for it.

      What's more, a hardware wallet is a poor cold storage device - far too many ways for it to be compromised. If you're using a hardware wallet as your "secure offline wallet" then you're doing it wrong.

      If you **need** convenience then a hardware wallet is useful, but treat it like your real cash wallet. That is, don't stick your life savings into it.

      If you are after security, then paper wallets are the way to go. They lack a lot of convenience but as far as I understand, the only two vectors for attack are at key generation (do it offline and secure and you significantly reduce or eliminate any chance here) and the storage of any physical access tokens (pass phrases/secret keys/etc).

      IMO hardware wallets are the least secure option since there are just too many opportunities for the devices to be already compromised prior to receipt.

      --
      Never happened. True story.

    2. Re:Re by ctilsie242 · · Score: 1

      I don't see how a hardware wallet is any more secure (in practical terms, that is) than a cellphone running LineageOS and no SIM or an iPod Touch.

      iPods may be passé, but an iPod Touch is well suited for a near-line wallet. It has on-disk encryption, decent protection, and no cellular system, so it has to be explicitly connected to do transactions, and it doesn't have as many subsystems (which could be hacked or exploited, like the cellular CPU). Of course, the wallet app should "pack its own parachute" and do its own separate encryption on data, even if the OS does its own encryption. This could be done using OpenPGP libraries or OpenSSL libraries.

    3. Re: Re by Anonymous Coward · · Score: 0

      Not impressive. This attack has already been done by seedy resellers of hardware keys.

  2. Well said by sn0wflake · · Score: 2

    That is actually the most eloquently informing feedback I've ever read.

    1. Re:Well said by fizzer06 · · Score: 1

      I saw that too and wonder what's really going on there.

    2. Re:Well said by Anonymous Coward · · Score: 0

      Very few. So some? So maybe not?

  3. And? by Anonymous Coward · · Score: 0

    so if the guy at my local home depot makes 2 copies of my house key..... i'm screwed?

    1. Re:And? by Anonymous Coward · · Score: 1

      You shouldn't use locks with keys that can be so easily duplicated.

    2. Re:And? by Locke2005 · · Score: 2

      You WATCH the guy at Home Depot use the key grinding machine, don't you? Plus, the key in and of itself is useless without the address of the door it unlocks. The supply chain attack is a real potential problem; there are certainly vendors lax enough to let that happen. After the key is initialized, I'd think smart people would avoid letting people have physical access to the machine long enough to hack it. I guess the moral is, you should always buy crypto hardware from reliable sources.

      --
      I've abandoned my search for truth; now I'm just looking for some useful delusions.

    3. Re: And? by Anonymous Coward · · Score: 1

      Your house key comes down to 5 digits. Unless you have higher security locks. Then it's 7-15 digits, still not too hard to memorize.
      Key guy can just wait for you to leave and cut another. Then finding where you live is their own problem. He could politely ask for your name and you might think nothing of telling him. He might be able to work with just that. He might just have a friend in the parking lot ready to follow you home.

    4. Re: And? by Anonymous Coward · · Score: 0

      Any stupid key can be duplicated in seconds, you idiot.

    5. Re:And? by Anonymous Coward · · Score: 0

      the key in and of itself is useless without the address of the door it unlocks.

      But that guy says I have to show my ID to have a key made.

    6. Re:And? by Anonymous Coward · · Score: 0

      just about any key nowadays can be easily duplicated. Even those so called special security keys, it is just a matter of having the key in your hand for a few seconds to take an imprint and then the right tools to create it.

    7. Re: And? by Anonymous Coward · · Score: 0

      And I might have a .38 in my car waiting to shoot the fucker in the face that decided to follow me home.

    8. Re:And? by Anonymous Coward · · Score: 0

      Wow, I didn't expect to find any advocates of security by obscurity on Slashdot. How this place has fallen...

    9. Re:And? by Anonymous Coward · · Score: 0

      In the past you would watch the person. Now however (OK, this was Lowe's and not Home Depot but the same idea), there is a self service kiosk. You put your key in and you put your credit card in. It makes however many keys you asked for using whichever design stock you asked for (they have colors and characters and whatnot). You do watch it make your keys. But it could easily save your pattern and make more later. And with your credit card info it is likely that they could use their big data to figure out your address. And match up all of your purchases so that they know what they are coming to steal.

    10. Re: And? by Anonymous Coward · · Score: 0

      LOL these gun nuts.

      Look, if someone tails you home, you'll never know unless they're completely incompetent. You are 100% not going to notice, because you are 100% not paying attention, because you are 100% not an imaginary spy in a fucking movie where that happens for dramatic effect.

    11. Re:And? by Locke2005 · · Score: 1

      Both valid points. My current strategy is to replace all the locks with Kwikset SmartKey devices every time I move into a new house, since you never know who still has keys to the existing locks. Then you can rekey yourself with a random Kwikset key set every time you lose a key. As far as the original problem, any way of factory resetting the wallet, effectively erasing ALL non-permanent data, and starting from scratch? That is pretty much a feature they need to support for the device to be trusted, especially if people start reselling them.

      --
      I've abandoned my search for truth; now I'm just looking for some useful delusions.

  4. Re:HILLARY DIES IN PRISON EITHER WAY by Anonymous Coward · · Score: 0

    Trump's going to serve her with a bunch of indictments. Just you wait. She'll be WISHING she was the KKK president after she drops the soap the first time in that prison shower room.

  5. Not secure against physical attack - duh! by FeelGood314 · · Score: 3, Insightful

    Unless you mined the sand yourself, built the lithography machine and pretty much did every other step in building the device, you can't be secure against an attack where someone physically substitutes part of the product on you. If the Pseudo Random Number Generator has a seed the attacker knows, or the program in the device is completely rewritten by the attacker, or the entire device is counterfeit, the bad guy will win and there is nothing that the makers of the Crypto Ledger Wallet can do.

    These aren't the attacks I need to worry about. Crypto Ledger Wallet was polite in even responding to this kid. John Biggs (writer for Tech Crunch) is an idiot for even writing the story.

    1. Re:Not secure against physical attack - duh! by tlhIngan · · Score: 1

      No, this is a problematic attack.

      Your wallet is secured with a private key. This hack basically rewrites the RNG that generates that key to make it not so random.

      As for physical access? The box doesn't come sealed, and the company states you can buy them off eBay because the technology is so secure, the device is guaranteed to only run their firmware.

      So if you buy one of these things, how do you know your device has not been tampered with? It's supposed to be secure, and they claim it's so secure they don't have to prove that no one has messed with it on its way to you.

      Meanwhile, someone decides to buy a bunch of legitimate ones, install hacked firmware on it, and sells them on eBay. The company claims eBay sales are good, too!

      Physical access hacks on something like this are serious, because it means it's a supply chain problem. And if you're claiming it's so secure that you don't need to have anti-tamper or tamper-evident packaging, and that you can trust it, well...

      Heck, someone could go into Ledger's own warehouse, reprogram them and put them back on the shelf (say, a paid off employee), because hey, they're not going to check that they're good when they're shipped from their (trusted) warehouse.

    2. Re:Not secure against physical attack - duh! by Anonymous Coward · · Score: 0

      No, it is not a problematic attack. If you don't trust the supply chain you are buying through then DON'T FUCKING USE THEM. I mean seriously, this attack applies to ANY device, even high end HSMs. They are all susceptible; even if the firmware can't be hacked, how the fuck would you know if the chips themselves haven't been replaced to mimic the device? It isn't like they are supplying a highly complex piece of kit. This is a non issue, besides which if you are after secure storage, buying a device like this shows pure ignorance as there are better, cheaper ways to do it.

    3. Re:Not secure against physical attack - duh! by Anonymous Coward · · Score: 0

      No, it isn't a problematic attack, it is simply idiot marketing and bullshit from the company in question. To be honest though, if you are stupid enough to go down that route for securing a wallet, you are probably destined to be separated from your money at some time in the future anyway.

    4. Re:Not secure against physical attack - duh! by Gavagai80 · · Score: 1

      So if you buy one of these things, how do you know your device has not been tampered with?

      It says right in the summary: "In both cases, a successful firmware update is the proof that your device has never been compromised."

      --
      This space intentionally left blank

    5. Re:Not secure against physical attack - duh! by Anonymous Coward · · Score: 0

      How is that in any way, shape or form proof? I could just as easily put in my own chip that will accept the firmware update and make it appear like that was successful too.

    6. Re:Not secure against physical attack - duh! by Anonymous Coward · · Score: 0

      Tech Crunch... why does that site even exist anymore?

    7. Re:Not secure against physical attack - duh! by tlhIngan · · Score: 1

      It says right in the summary: "In both cases, a successful firmware update is the proof that your device has never been compromised."

      That's what the marketing copy says. But the hack allows the guy to fake the update so it passes the check, so he can add his own code to the firmware update.

      In addition, relying on an update to prove correctness doesn't do diddly squat. I can create an "open" version that isn't signed and will run anything, and thus can take a signed firmware update just fine. It's just that I don't verify the keys at all. So yes, firmware updates.
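Gavagai80 and tlhIngan disagree above on whether a successful firmware update proves a unit is untampered. The following added example (not code from Ledger or from the article) models both sides: a device's own "update OK" report versus a host-side challenge-response check against a key the vendor registered for that unit. HMAC with a vendor-registered per-device secret stands in for the asymmetric attestation signature a real secure element would use; the device classes, firmware image and registry are constructed.

```python
"""Why "the firmware update succeeded" is not evidence of an untampered
hardware wallet, and what a host-side genuineness check needs instead.

Added illustration, not Ledger's code. HMAC over a per-device secret
stands in for a secure element's asymmetric attestation signature.
"""
import hashlib
import hmac
import os

VENDOR_FIRMWARE = b"firmware-v1.4.2"  # constructed sample image


class GenuineDevice:
    """Vendor-provisioned part: holds an attestation secret the host never sees."""

    def __init__(self, attest_secret: bytes):
        self._secret = attest_secret
        self.firmware = b""

    def update(self, image: bytes) -> bool:
        self.firmware = image
        return True

    def attest(self, nonce: bytes) -> bytes:
        # Binds the host-chosen nonce and the running image to the secret.
        return hmac.new(self._secret, nonce + self.firmware, hashlib.sha256).digest()


class TamperedDevice:
    """Substituted or reflashed unit: accepts any image, reports success, has no secret."""

    def __init__(self):
        self.firmware = b""

    def update(self, image: bytes) -> bool:
        self.firmware = image  # may also keep attacker code; the host cannot tell
        return True            # the "successful update" the thread argues about

    def attest(self, nonce: bytes) -> bytes:
        # Without the vendor secret, the best it can do is an unkeyed hash.
        return hashlib.sha256(nonce + self.firmware).digest()


def update_succeeded(device) -> bool:
    """The weak check: trust the device's own report of the update."""
    return device.update(VENDOR_FIRMWARE)


def host_verifies_attestation(device, vendor_registry: dict, device_id: str) -> bool:
    """The stronger check: the host picks a fresh nonce and verifies the reply
    against the secret the vendor registered for this device id."""
    expected_secret = vendor_registry.get(device_id)
    if expected_secret is None:
        return False  # unknown unit: no basis for trust
    nonce = os.urandom(16)  # fresh per check, so a recorded reply cannot be replayed
    device.update(VENDOR_FIRMWARE)
    response = device.attest(nonce)
    expected = hmac.new(expected_secret, nonce + VENDOR_FIRMWARE, hashlib.sha256).digest()
    return hmac.compare_digest(response, expected)


if __name__ == "__main__":
    secret = b"constructed-attestation-secret"
    registry = {"dev-1": secret}
    for name, dev in (("genuine", GenuineDevice(secret)), ("tampered", TamperedDevice())):
        print(name, "update ok:", update_succeeded(dev),
              "attested:", host_verifies_attestation(dev, registry, "dev-1"))
```

The stronger check only covers what the keyed part signs over; components of a unit outside that part, which another reply in this thread raises, are not attested by this exchange.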

  6. another bullshit security beatup by gravewax · · Score: 1

    Hint to article writers and submitters: if something requires fucking physical access and/or admin and PIN access like this, then it isn't worth an article. This same vulnerability exists in just about every device and every computer ever sold.

    1. Re:another bullshit security beatup by Anonymous Coward · · Score: 0

      I have physical access to all Android devices at home. But I googled for more than 4 days on how to gain root on any of those Android devices, futilely.
      So tell me, I have physical access, how can I get root so I can install and remove stuff? Thanks in advance.

    2. Re:another bullshit security beatup by Anonymous Coward · · Score: 0

      What is your device? I have root access on every one of my Android devices. Regardless, that is beside the point; you could install a chip in the wireless stack or something, record the screen, or make any other modification even without rooting the device.

    3. Re:another bullshit security beatup by bloodhawk · · Score: 1

      Really? What the hell devices do you have? I have root access on all my droid based devices except for my Galaxy S7 (the only reason it isn't rooted is I haven't needed to yet, though I know there are plenty of instructions for doing it).

    4. Re: another bullshit security beatup by bill_mcgonigle · · Score: 1

      Not OP but I have a useless Verizon Galaxy S4 on the shelf that I'd like to repurpose with LegacyOS. TIA.

      --
      My God, it's Full of Source!
      OUTSIDE_IP=$(dig +short my.ip @outsideip.net)

    5. Re: another bullshit security beatup by Anonymous Coward · · Score: 0

      Heaps of online guides and tools to root a Galaxy S4, and a shitload of custom ROMs available for it.

  7. Example to make of by Anonymous Coward · · Score: 0

    Before he gets a chance to commit more crimes.

  8. Re:HILLARY DIES IN PRISON EITHER WAY by Anonymous Coward · · Score: 0

    That's actually one and the same guy replying to himself. Please mod this idiot troll down!

  9. Worrying by hoofie · · Score: 1

    It comes across as a clever and insightful bit of an analysis from a very talented young man.

    The lack of any tamper evident packaging I would consider worrying since it does appear you can compromise these in the supply chain and you would have zero idea it's been done.

  10. Ageism by Anonymous Coward · · Score: 0

    Why is the fact that the guy is 15 of any importance?

    1. Re: Ageism by Anonymous Coward · · Score: 2, Informative

      I know plenty of inept millennials as well. They're fun to watch pretend they know how things work. Even more fun when this boomer shows how they're wrong in front of their little echo pack of idiots.

    2. Re:Ageism by Anonymous Coward · · Score: 0

      I know several that own restaurants actually, and it is the exact opposite of what you say. Young people are by far the highest maintenance and most difficult to deal with; the self entitled attitude seems to be rife. The older generation are predictable, easy to please and generally far more polite and courteous. One of my friends says the older people are what keeps him in business.

  12. ATMs by 110010001000 · · Score: 2

    This is similar to the ATM scam where people got access to ATMs during shipping and modified them to send them PINs via text messages. Supply chain attacks are real.

  13. Not that anyone is interested by Anonymous Coward · · Score: 0

    But I always prefer to inject my own seed into the device.

  14. "Vulnerability" has become watered down by Anonymous Coward · · Score: 0

    Applying similar reasoning, a given Linux machine is vulnerable to attack because someone with physical access can install Windows in place of it and then install their favorite malware.

    1. Re:"Vulnerability" has become watered down by present_arms · · Score: 1

      Why bother? If you have physical access to a Linux box, just reboot it in init 1: instant root. No need to waste hours of your life installing Windows.

      --
      http://chimpbox.us

  15. Who do you trust? by MangoCats · · Score: 1

    If you trust the network to put you in touch with the real hardware wallet vendor (or another trusted agent), then you can verify the integrity of the wallet any time you connect. Banks show personalized photos prior to login: only we know that you know these photos.

    Now, if the network is compromised too...

    1. Re: Who do you trust? by Brockmire · · Score: 1

      Several of my online banking and credit card sites offered picture logins back a few years ago. They've since been removed. I don't think they did shit, except piss off users.

  16. Vulnerability effecting? by OneHundredAndTen · · Score: 1

    Somebody is semi-literate here.

  17. false flag? by Anonymous Coward · · Score: 0

    No, he is a sand n1gger, a stupid piece of shit that got hyped by the intolerant and racist libturd media.

    This has to be a false flag posting. No real racist would make themselves look this idiotic, would they? would they...?

  18. effecting? by cascadingstylesheet · · Score: 2

    Ledger CEO Eric Larcheveque claimed that there were no reports of the vulnerability effecting any active devices.

    Too bad; I'd be impressed if a vulnerability could create an active device out of thin air!

  19. 'Injecting his seed' by wiretrip · · Score: 1

    Well I never thought I'd see that phrase in a technical report :-)

  20. Why the rampant age discrimination? by mysidia · · Score: 1

    A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs....

    The discoverer's age is irrelevant to the story. If he were 30, would we call him a "30-year-old programmer"? I think not. Is the author trying to imply that, because the programmer was 15, the vulnerability was more obvious, or easily discovered by even a naive person?

    That would be an invalid presumption. There are a whole lot of technically skilled 15 year olds in the world, so how about not trying to discredit them or use their age to imply they shouldn't have been able to do this? Ahem!
    "Expert programmer Saleem Rashid discovered a flaw...."

    1. Re: Why the rampant age discrimination? by Brockmire · · Score: 1

      You're why we can't have nice things. No, 15 year olds are not widely known for exposing crypto vulnerabilities. It's fucking newsworthy.
