15-Year-Old Hacks Hardware Crypto Wallet Ledger

Hardware wallet Ledger Nano S had a break in – teenage security expert, Saleem Rashid, found an issue with the “tamper-free” wallet. The story began on Nov. 2017, when Rashid reported a flaw to Ledger CTO, Nicolas Bacca, which could allow attackers to steal funds from wallet users.

Rashid had observed that the microcontroller employed in the wallet was not secure. While it allowed the use of buttons and displays to input data, it was connected as a proxy to the Secure Element (SE). The latter contained private keys which meant that a hacker could trick the SE in different ways. Here’s how: retailers and resellers could change microcontroller’s firmware which, now compromised, could verify its ‘identity’ to the SE. He further explained that the attacker could control the user interface and use their malicious code to set randomness to zero and add a recovery seed of their own choice. Rashid chose the word ‘abandon’ to prove his point in an uploaded video. Now that the attacker had the mnemonic phrase, they could get the private keys easily.
After Rashid sent the research to Ledger, he saw that the flaw wasn’t taken seriously by the team. However, they did publish a firmware update on Mar. 6, which was heavily criticized by Rashid. He posted his opinions on Twitter, since he believed that the team should either have posted it as a critical update or disguised it so that hackers didn’t get time to use this trick