- An online video shows a successful hack of the Trezor One, Ledger Nano S and Ledger Blue
- SatoshiLabs has responded stating that the vulnerabilities will be addressed in a January 2019 update
***Editor’s note: Since the publication of this article we have been contacted by a member of the Ledger team. You can find their response to the December 27th video here.***
One of the biggest selling points of any cryptocurrency hardware wallet is its security of customer funds and their difficulty to hack.
However, it has been demonstrated that the Trezor One, Ledger Nano S and Ledger Blue have some vulnerabilities that can leave them prone to hacks.
This was demonstrated via an online video where all three were hacked. The video was titled “Wallet.fail” and was published online on the 27th of December 2018.
The team behind the video is made up of hardware designer and security researcher Dmitry Nedospasov, software developer Thomas Roth and security researcher and former submarine officer Josh Datko.
The video was announced during the 35C3 Refreshing Memories conference where the team informed attendees that they had successfully extracted a key from a Trezor one wallet.
How the hack works
The key was obtained from the Trezor wallet through a process called flashing. Flashing involves overriding exits if data on the wallet in order to gain access.
There’s a catch though. This only works because the user of the wallet didn’t input a passphrase to secure it.
The team was also able to infiltrate a Ledger Nano S wallet and claim that they are able to add firmware unto any Nano S wallet. They demonstrated this by playing a game of snake.
“We can send malicious transactions to the ST31 [the secure chip] and even confirm it ourselves [via software,] or we can even go and show a different transaction [not the one that is actually being sent] on the screen,” said a member of the team.
Even the Ledger Blue isn’t immune to this as the team explained that the signals that are transmitted to the touch screen do so via a trace from the motherboard.
When a USB is inserted into the wallet, the traces become strong enough that they can be accessed remotely. When Artificial Intelligence software was used, the pin for the device was obtained.
The management behind the Trezor wallet hasn’t stayed silent on the issue.
Pavol Rusnak, CTO of SatoshiLabs, has stated via twitter that the company was informed of the vulnerability before the demonstration and that the issues will be addressed in a firmware update in January 2019.
With regards to #35c3 findings about @Trezor: we were not informed via our Reponsible Disclosure program beforehands, so we learned about them from the stage. We need to take some time to fix these and we'll be addressing them via a firmware update at the end of January.
— stick⚡Pavol Rusnak @ 35c3 (@pavolrusnak) December 28, 2018