What Did Kraken Discover?On July 8, Kraken Security Labs identified two supply chain attacks that were possible against the Ledger Nano X wallets. As the name implies, supply chain attacks involve tampering with the device before it is delivered to the user. This can occur anywhere along the supply chain, perhaps perpetrated by a malicious reseller or by being intercepted. The device is compromised and targeted by the attackers. Kraken reported that the firmware of the ‘non-secure processor’ is modified to use a debugging protocol as an input device, which can then send malicious keystrokes to the user’s host computer. The report reads:
The Ledger Nano X ships with the debugging functionality enabled on its non-secure processor, a feature that is disabled as soon as the first ‘app’, such as the Bitcoin app, is installed on the device. However, prior to any apps being installed, the device can be reflashed with malicious firmware that can compromise the host computer, similar to “BadUSB” and “Rubber Ducky” attacks.In a nutshell, the attack uses the wallet as a keyboard and can also be used to execute malware attacks on the victim’s computer.
Hardware Wallets Still the Safest, But Updates Always NecessaryLedger is one of the most popular hardware wallets on the market and acts as an offline storage solution used by investors to safely store large amounts of their digital asset investments. While much safer than the web, desktop, and mobile wallets, periodically, security teams release reports that prove that the protection is not airtight. To their credit, manufacturers like Ledger and Trezor have historically patched issues soon after being discovered. A recent report published by HTF MI has shown that the purchase of hardware wallets has slowed down as a result of the COVID-19 pandemic. However, safe storage solutions continue to be a strong area of research and development as more investors enter the market.
All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.