Ledger Recovery - Send your (encrypted) recovery phrase to 3rd parties entities

[Pmalek]

It is still possible to use Ledger with old firmware via Metamask.

That's what I expected. Something must have changed on a network level with the coins you can't transfer using the combo old firmware + old Leger Live. Metamask probably already supports those changes even with an older firmware. If that happens with Bitcoin as well, you would probably still be able to work with your BTC using Electrum as companion app.

You could ask Ledger support why that's happening to you, but I doubt they have advanced knowledge to explain it properly.

I don't quite agree when you say there's not much difference between a wallet on a CEX and one on Ledger devices. Or do you mean non-custodial online wallets like what Coinbase or blockchain.com offers?

I think he is saying that Ledger at this point is not safer than a CEX. He considers Ledger to be a hot wallet, and as we know, that's what CEXs are.

[Lucius]

I don't quite agree when you say there's not much difference between a wallet on a CEX and one on Ledger devices. Or do you mean non-custodial online wallets like what Coinbase or blockchain.com offers?

I think he is saying that Ledger at this point is not safer than a CEX. He considers Ledger to be a hot wallet, and as we know, that's what CEXs are.

Exactly, because realistically, given what we know, does anyone think that their coins on LHW are safer than coins on any CEX? I would even dare to say that CEX is perhaps a safer way because they (as far as we know) do not share their private keys with third parties - which these geniuses from Ledger do and thus only increase the risk for their clients.

It may sound paradoxical, but that's how I see it.

[Pmalek]

I would even dare to say that CEX is perhaps a safer way because they (as far as we know) do not share their private keys with third parties - which these geniuses from Ledger do and thus only increase the risk for their clients.

CEXs are third-parties themselves and entities that are the sole holders of the keys. Users don't have a copy of the keys. We also don't know how their internal setups look, and how many people have access to said keys. Exit scams made to look like hacks have happened in the past. It's not good.

The thing is, you can't prove that key sharing is happening without your consent and Ledger doesn't want to prove it isn't and that it never has. It's all speculation and a matter of opinion. But the fact that they have gone in that direction is already scary enough and a reason for concern. It should never have happened.

[LoyceV]

millions of BTC would likely become very easily accessible to Ledger

How many Ledger employees would an attacker have to "$5 wrench attack" to access their entire seed phrase database? It sounds like a good script for a movie, but they made the possibility a reality.

[Lucius]

~snip~
The thing is, you can't prove that key sharing is happening without your consent and Ledger doesn't want to prove it isn't and that it never has. It's all speculation and a matter of opinion. But the fact that they have gone in that direction is already scary enough and a reason for concern. It should never have happened.

Perhaps the inability to prove by Ledger is a clear answer that they cannot/do not want to prove that they have access to every seed ever generated on any device they have ever produced. If I have reasonable suspicions that something bad is happening, and you don't want to prove otherwise, in most cases that's a sign that something bad is really happening.

millions of BTC would likely become very easily accessible to Ledger

How many Ledger employees would an attacker have to "$5 wrench attack" to access their entire seed phrase database? It sounds like a good script for a movie, but they made the possibility a reality.

We could say that Ledger employees who have access to sensitive data are very high on the priority list of those who engage in very sophisticated hacking. Whoever works for that company shouldn't take their security lightly - but even though it sounds a bit rude, let them sweat a little for a change - because the database that was leaked through their carelessness for hundreds of thousands of their clients has been the source of all sorts of online attacks for years, and there have certainly been physical attacks as well.

[Meuserna]

We could say that Ledger employees who have access to sensitive data are very high on the priority list of those who engage in very sophisticated hacking. Whoever works for that company shouldn't take their security lightly - but even though it sounds a bit rude, let them sweat a little for a change - because the database that was leaked through their carelessness for hundreds of thousands of their clients has been the source of all sorts of online attacks for years, and there have certainly been physical attacks as well.

Don't forget about Ledger's FORMER employees.

How a Single Phishing Link Unleashed Chaos on Crypto:  "Ledger has confirmed the attack began because “a former Ledger employee fell victim to a phishing attack.”

-- Decrypt, December 14th, 2023

[Pmalek]

Here it was said that we should not update the firmware to stay out of the possibility of Ledger Recover unauthorized access. Although there is no guarantee that such an option did not exist before, Ledger has now decided to force Ledger Live users to update the firmware.
Thus, it is no longer possible to use the BSC and ETH applications on Ledger Live without a firmware update. (BTC wallet is still functional with the old firmware)

I remembered your post last ight and decided to check this. I have ETH and stablecoins on my old Ledger Nano S. The last Nano S firmware update dates back to 2021, and there hasn't been a new one since then. I am also using an outdated Ledger Live app and haven't updated since they begun advertising their Ledger Recover service. The only thing that is new is the Ethereum app on my Ledger since I didn't have it installed.

I didn't experience the same issue you did with my ETH account. I created a test transaction with ether and proceeded to the physical confirmation stage on the hardware wallet where I cancelled the transaction. Based on that, I assume that you are using a different model and not the Nano S. Which firmware version are you using btw?

[examplens]

I didn't experience the same issue you did with my ETH account. I created a test transaction with ether and proceeded to the physical confirmation stage on the hardware wallet where I cancelled the transaction. Based on that, I assume that you are using a different model and not the Nano S. Which firmware version are you using btw?

It's about Ledger Nano X, firmware version 2.2.3 and I just updated Ledger Live to the latest version, 2.100.0 (from 2.98.0)

Now I saw an even more interesting thing.
When I select a BSC account, L.Live prompts me for an Ethereum application. Also on the device itself. It completely ignores that I want to work with the BSC network and directs me to ETH 



btw. two days ago, I connected this Ledger to Metamask (BEP-20) and made some swap on Pancakeswap, worked normally.

[dkbit98]

How many Ledger employees would an attacker have to "$5 wrench attack" to access their entire seed phrase database? It sounds like a good script for a movie, but they made the possibility a reality.

Maybe we should ask that question one of the ledger co-founders who was hijacked and blackmailed not long ago
It would be much easier to do something similar to regular ledger employees, and ledger was already hacked that resulted in leaking of customer personal information.

[Pmalek]

It's about Ledger Nano X, firmware version 2.2.3 and I just updated Ledger Live to the latest version, 2.100.0 (from 2.98.0)

Looking at the official Ledger firmware release notes for the Nano X, version 2.2.3 already introduced the feature and code for Ledger Recover. So, that's already on your device. The way I see it is that you can upgrade to the latest firmware. Ledger Recover is already part of your system, without you using it.

Now I saw an even more interesting thing.
When I select a BSC account, L.Live prompts me for an Ethereum application. Also on the device itself. It completely ignores that I want to work with the BSC network and directs me to ETH 

Ledger has standalone and dependent apps. Is it possible that BSC is an app that depends on and requires that you also have the ETH application installed on your device?

You can recognize standalone apps from their size in the Manager tab. Standalone apps are usually bigger. For instance 60-70kb for the BTC app. A dependent app would be something like 2-3kb because it uses much of the codebase of the standalone app it depends on. How big is your BSC app?

[Meuserna]

I strongly encourage you to read more about the Bybit hack.

This will happen to Ledger.  It's just a matter of time.

North Korean hackers managed to pull off the biggest hack in history by planting malicious code into the infrastructure of Safe—a crypto wallet provider used by Bybit, and one that has long marketed itself as impenetrable.

https://decrypt.co/307866/how-bybit-hacked-1-4-billion-ethereum

Now, to put that in context for Ledger:

Ledger created an API to enable key extraction from Ledger hardware devices over the internet.  It's baked in to the Ledger firmware.  That will get hacked.  It's a question of when, not if.

"yes a firmware update can extract the seed"
-- murzika, Ledger Co-Founder, Former CEO, and Former Chairman
https://np.reddit.com/r/CryptoCurrency/comments...

Ledger holds the master key for their key extraction scheme, which includes access to all keys stored on Ledger's servers and other companies' servers, using Ledger Recover.  That will get hacked.  It's a question of when, not if.

"The bombshell here is the explicit confirmation that Ledger themselves hold the master decryption key for all Ledger Recover users."

-- @sethforprivacy
https://twitter.com/sethforprivacy/status/1671532787294191618

And, making matters worse, Ledger's codebase has been hacked.

How a Single Phishing Link Unleashed Chaos on Crypto:  "Ledger has confirmed the attack began because “a former Ledger employee fell victim to a phishing attack.”

-- Decrypt, December 14th, 2023
https://decrypt.co/209838/single-phishing-link-unleashed-chaos-on-crypto

For hardware wallet users, the lesson to be learned is this:

Never use a hardware wallet that allows internet access to the device.  No exceptions.  Your keys need to be where hackers cannot reach them over the internet.

I assume everybody here understands how hardware wallets generate transaction signatures without accessing the internet, but if you're not clear on how that works, I'd encourage you to learn about it.  Understanding how this stuff works helps to keep you safe.

Ledger's code enables key extraction from the device over the internet.  Ledger devices can't be trusted.  Ledger lied about it, every step of the way.  Ledger can't be trusted.

Never use a hardware wallet that allows internet access to the device.  No exceptions.

[dkbit98]

This will happen to Ledger.  It's just a matter of time.

Maybe not, there is a chance for them to shut down their business before that, after one co-founder was hijacked and blackmailed not long ago
I think they are no in downtrend but people still use them in movies, recently I watched Cold Storage movie featuring ledger wallet.
Hacks = ledger.

Never use a hardware wallet that allows internet access to the device.  No exceptions.  Your keys need to be where hackers cannot reach them over the internet.

Even then it's not totally safe if you are using crap like Tangme with their stupid app that leaked keys online.
Software wallet connected with hardware wallet is also important, and everything needs to be open source.