Ledger Nano X under supply chain attacks

Captain-Cryptory (OP)

Newbie

Offline

Activity: 23
Merit: 853

Ledger Nano X under supply chain attacks

July 08, 2020, 03:40:25 PM
Last edit: January 12, 2022, 03:52:37 PM by Captain-Cryptory

Merited by vapourminer (2)

#1

.

bob123

Legendary

Offline

Activity: 1624
Merit: 2481

Re: Ledger Nano X under supply chain attacks

July 08, 2020, 04:18:08 PM

#2

Supply chain attacks are a risk for both ledger and trezor HW wallets.

Even without the enabled JTAG interface, there is a risk of getting a compromised hardware wallet.
Inserting a hardware implant was possible all the time. And with such an implant, you'd be able to (for example) trigger the button press to confirm a transaction with radio waves.

While the enabled JTAG interface poses some new concrete attacks, the supply chain has always been a possible (and not that realistic) attack vector.

.ChipMixer.{ MIXING REINVENTED FOR YOUR PRIVACY #.ChipMixer.

dkbit98

Legendary

Offline

Activity: 2212
Merit: 7062

Cashback 15%

Re: Ledger Nano X under supply chain attacks

July 08, 2020, 08:18:17 PM

#3

Kraken Labs is doing good job exposing stuff like this.
I wonder is that attack also possible on Ledger Nano S.
Ledger released firmware update only for Nano X version, and they released update for LedgerLive application also

.
.^HUGE.

█▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄

▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄

▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█

FAST PAYMENTS
....NO KYC....

o_e_l_e_o

In memoriam
Legendary

Offline

Activity: 2268
Merit: 18504

Re: Ledger Nano X under supply chain attacks

July 08, 2020, 08:51:07 PM

Merited by NeuroticFish (1)

#4

It's worth pointing out that this was disclosed to Ledger a few months ago, and so it has already been fixed. You can see their response here: https://donjon.ledger.com/lsb/013/

If you already have a Ledger Nano X, the most recent update fixes this vulnerability, and all new Ledger Nano X devices produced have the debug interface disabled.

I also think the "Rubber Ducky" attack is a bit of a non story. A malicious third party could open a Ledger Nano X device (or literally any piece of USB hardware in existence, from a webcam to a keyboard to a flash drive to a mug warmer) strip out the internals, leave behind a BadUSB-type device, and close it back up again. As long the casing looks intact, most users would plug the device in without a second thought, and therefore fall victim to the attack.

o_e_l_e_o

In memoriam
Legendary

Offline

Activity: 2268
Merit: 18504

Re: Ledger Nano X under supply chain attacks

July 11, 2020, 10:44:25 AM

#5

Quote from: Captain-Cryptory on July 09, 2020, 09:15:32 AM

Yeah, Ledger Nano S is also vulnerable if it physically accessed by cracker: https://wallet.fail/wallets/nanos/

Again, you should point out that this has already been addressed.

The F00DBABE issue allowed an attacker to place custom software on the microcontroller unit (MCU), which allowed them to do things such as run snake on the Ledger Nano S. What it didn't allow them to do, however, was to access any of the data stored on the secure element, which is where your private keys are stored, since their custom software would fail the authentication process. No one was ever able to demonstrate stealing private data or a loss of funds from this issue. Regardless, it has since been patched: https://www.ledger.com/ledger-releases-a-new-nano-s-firmware-update/