CryptocurrenciesNews

The Ledger Nano S has been hacked and in a rather absurd way

Photo of Roberto Solé Robert Sole Follow on Send an email 21 March, 2018
2 4.892 2 reading minutes
ledger nano s hacker
ledger nano s hacker

They manage to hack a Ledger Nano S, which are supposed to be impossible to hack, but in a very absurd way, by connecting it to a smartphone charger and pressing the buttons on it.

The Titanic was an impossible ship to sink, save for an iceberg. Ledger's USB to store cryptocurrencies, were a secure device impossible to be corrupted, except for a fifteen-year-old boy. Yes, a fifteen-year-old boy has exposed the French company. The most amazing thing of all is that it has not been done by brute force, back door or similar, but has been connected to a charging base for a smartphone, current and mill, I started pressing keys and that's it.

Ledger has developed these special pen drives to store cryptocurrencies, which are impossible for anyone to corrupt, according to the French company. To provide security to these units, the Anonymous Attestion technique or anonymous declaration has been implemented, which develops signatures that are impossible to forge, that can only execute an approved code. Back in 2015 they said that it was not possible for an attacker to replace the firmware and go through the declaration process without the Ledger key being known.

A 15-year-old the UK has dismantled the theory. Seleem Rashid, that's what it's called, has found a kind of back door on the Ledger Nano S, which is priced at $ 100 and has been sold for millions. This technique would also work with Ledger Blue, the most powerful and costing $ 200.

To do this, he has simply connected the Ledger with its cable to any smartphone charger and started pressing the buttons on it. The first attempts do not pass anything, but at the fourth press, it allows you to set a new password, verify it and have access to it without having to know the password.

This vulnerability is very difficult to solve with a firmware update, since the problem would be in the design, specifically, in the way the drivers communicate inside. It remains to be seen what the French company says in the face of this sovereign slap, caused by a 15-year-old boy, who has been given the Ledger to do the test.

Photo of Roberto Solé Robert Sole Follow on Send an email 21 March, 2018
2 4.892 2 reading minutes
Show more
Photo of Roberto Solé

Robert Sole

Director of Contents and Writing of this same website, technician in renewable energy generation systems and low voltage electrical technician. I work in front of a PC, in my free time I am in front of a PC and when I leave the house I am glued to the screen of my smartphone. Every morning when I wake up I walk across the Stargate to make some coffee and start watching YouTube videos. I once saw a dragon ... or was it a Dragonite?

Related publications

dune spice wars dune games the new david lynch

Dune: Spice Wars reveals its new trailer at Gamescom

August 24, 2023
Baby Sonic Baby

The Sonic movie shows us the adorable baby Sonic

27 December, 2019
asus smartphone gaming

ASUS to launch a gaming smartphone under its Republic of Gamers product range

18 April 2018
amd radeon software crimson

The new AMD Radeon Software Adrenaline Edition drivers will arrive in December

November 30, 2017

2 comments

  2. I have to check that because in the video it only shows as if it were new, and not even if you manage to access the wallet later.

    Reply

Leave your comment

Your email address will not be published. Required fields are marked with *

Button back to top
CLOSE

Ad blocker detected

This site is funded through the use of advertising. We always make sure that the advertising is not too intrusive for the reader and we prioritize the reader's experience on the website. However, if you block the ads, part of our funding will be reduced.