The planned new firmware will be capable of exporting encryped shards of the seed. Ledger assures us that there is no possibility of twiking the firmware maliciously and that ledger has never been hacked and is immune from physical attacks. Actually, the argument btchip makes against coldcard is the precedent of a succesful physical attack (although requiring very expensive and sophydticated equipment).
Here is my question to btchip. Is it really true?
From an article on “kaspersky daily”, it would appear that Ledger firmware can be modified and that the button confirmation can also be hacked. They both need physical possession of the Ledger device, but I was under the impression that Ledger position was that it had NEVER been hacked. Is the article a lie?
Link at the end.
I am sure many customers woild appreciate a CLEAR reply.
Thank you!
“Researchers exploited this feature and uploaded modified firmware into the Nano S. For demonstration purposes, this modified firmware contained a Snake game. However, this modified firmware could contain, for example, a malicious module that changes wallet addresses in all outgoing transactions.”
So what is to prevent sending the encrypted shards (or the seed itself) to a malicious address? I notice that this was nano S, but it just proves that you cannot be ever 100% sure of being invulnerable, so what is preventing this to happen to nano X?
Another physical attack was the additiom of a hardware compinent that simulated remotely the pressing of the buttons.
“Josh Datko managed to insert into a Ledger Nano S a cheap RF-triggered implant that pushes the confirmation button upon receiving a malicious radio command.”
So adding Ledger Recover, despite needing the button confirmation increases the surface of attack.
Here is the link:
the article is from 2019….
Ledger nano S is discontinued and cannot be updated with the firmaware that enables recovery (there is no space for it).
Which makes ledger nano S the most secure ledger xD
Yes it is from 2019, but if it happened to nano S why can’t it happen to nano X? Also should we conclude that the statement that Ledger has NEVER been hacked is not true?
Even if it was hacked, the seed is split and divided between 3 companies. Neither have the complete seed. So it would be extremely difficult for a hacker to gain a complete seed unless attacking all 3.
No hardware is impervious to hack when possession is obtained by a hacker. It’s why big cloud data centers are heavily locked down with multiple layers of security and multi-person control for the most sensitive operations.
Losing possession of a device should be treated as if a compromise has happened. Move crypto to a new wallet / address / seed phrases.
Any hardware device is susceptible to this type of attack. Keys can be extracted via firmware on any device that allows back up of seed