This the another in a (possibly never ending) series of examinations into the various types of attacks and scams in the crypto world. If this piece is helpful to you, please let me know on twitter: @CryptoCoinBen.
Yesterday Kraken Security Labs published a new supply chain vulnerability to the Ledger X hardware wallet. It allows an attacker to modify the way the device behaves and possibly compromise the users computer or affect the display of the hardware wallet itself. Ledger have already released a patch and usage suggestions to mitigate against this attack. Lets take a look at what this all means.
Background on Ledger and the Ledger Nano X
Ledger have been making hardware crypto wallets since 2014. They were one of the first to market with the concept of a hardware wallet and vey quickly became synonymous for it. They sold over a million units of their earlier model, the Ledger Nano S, and were able to raise over $150 Million in investment funding because of this success. The Ledger Nano X was released last year, after a troubled release due to manufacturing issues. It offers support for additional cryptocurrencies, bluetooth connectivity for mobiles, as well as an improved screen and battery for on the go payments. It is currently priced at A$199, or double the cost of the previous Ledger Nano S model.
What is a 'Supply chain' attack?
A supply chain attack generally means the compromise of a device before it arrives in your hands. One of the best exmaples of this occured last year, when it was claimed China was installing malcious integrated circuits in the Super Micro servers being manufactured there. This cast doubt into the security of every Super Micro server sold.
It is critical to be absolutely clear here. Kraken are not claiming that the supply and manufacture of Ledger devices is compromised. Instead this is better described as a 'late stage supply attack'. That is, the device is still considered safe at the point it leaves the Ledger distribution centre. Kraken Labs are highlighting that there is an opportunity after it has been shipped, but before the end user installs their first app. It is a very small window in the scheme of things, but it is there.
What is the 'Bad Ledger' vulnerability?
Ledger leaves the device in 'testing mode' when it is shipped. This allows the end user to run a verification test to ensure that the device is functioning correctly and that it hasn't been modified. Once the end user installs their first app on the deivce, 'testing mode' is then disabled.
If someone were to intercept the device in transit, they will be able to modify the microprocessor in the device to perform actions not intended by the manufacturer. The example given turns the device into an automatic keyboard, ala the 'rubber ducky'. Once plugged into your PC, the Ledger Nano X would type out whatever commands it was programmed with. As it is fully automated, it could run its payload within milliseconds.
What is the 'Blind Ledger' vulnerability?
It relies on the Ledger Nano X being in test mode still. While in this mode, a malicious user could use the unsecure microprocessor to disable the screen. In theory, they could then attempt to socially engineer the user to press confirmations buttons, without the user seeing what they are confirming.
While I do see the threat for new users, any knowledgable users should instantly see that something is wrong, and NOT confirm anything unless it is displayed on the screen.
Is the Ledger Nano X wallet compromised?
No. The secure enclave that stores the private key for your wallet has remained secure at all times. Even with the device in 'test mode' and physically intercepted by a very skilled adversary, the wallet remained secured. I would suggest that every other digital device you have would not survive that type of attack. So kudos to Ledger here (or more specifically, the ST31H320 secure microcontroller)
If you have a device, you are encouraged to update to the latest firmware.
A firmware update, 1.2.4-2, has been released. It fixes the vulnerability by checking the integrity of the whole MCU by the Secure Element at each boot, like on the Nano S. --Ledger
This firmware now checks the integrity of the microprocessor, as well as the secure element.
How to avoid this style of attack.
- Always order hardware wallets from the official source or an authorised reseller.
- Always use a trusted brand and support organisations which operate bug bounties. These encourage vulnerabilities like this to be responsibly disclosed.
- When you first receive the device, connect it to an isolated PC and update the firmware immediately.
- Read the manual or other material to understand how the device operates. If it displays unusual behaviour, do not use it.