Yesterday, the Monokh team reported shocking news: it discovered a vulnerability in Ledger, one of the most famous hardware wallets and one considered among the most secure.
– Mo (@mo_nokh) August 4, 2020
As you can read, the problem is that transactions are not handled correctly: users are led to believe they are carrying out a transaction on another blockchain when it is in fact a Bitcoin (BTC) transaction.
The problem occurs when using applications other than the official wallet applications. For example, if we confirm a Litecoin transaction, we will sign a Bitcoin transaction.
In detail, this is what happens:
- Open the Litecoin application;
- Retrieve the bitcoin (segwit) addresses from the main network using getWalletPublicKey('84'/0'/').publicKey;
- Check UTXOs and build a bitcoin transaction to spend outputs;
- Send createPaymentTransactionNew(…) to request the device to sign this transaction;
- Receive a valid signed Bitcoin mainnet transaction.
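In the steps above, the requested path carries purpose 84' and coin type 0' (Bitcoin under SLIP-44) while the Litecoin app is open. The following is an added example, not code from Monokh's report or from Ledger: a check that a BIP32 path's coin type belongs to the open app. The function names and the sample paths are assumptions constructed for illustration.

```javascript
// Added example; parsePath and checkPathForApp are hypothetical names, not Ledger APIs.
// SLIP-44 coin types: Bitcoin 0, Bitcoin Testnet 1, Litecoin 2.
const COIN_TYPE = new Map([["Bitcoin", 0], ["Bitcoin Testnet", 1], ["Litecoin", 2]]);
const PURPOSES = new Set([44, 49, 84]); // BIP44, BIP49, BIP84 (native segwit)
const HARDENED = 0x80000000;

// Parse "84'/0'/0'/0/0" (an optional "m/" prefix is accepted) into components.
function parsePath(path) {
  return path.replace(/^m\//, "").split("/").map((part) => {
    const m = /^(\d+)(['hH]?)$/.exec(part);
    if (!m) throw new Error(`bad path component: "${part}"`);
    const index = Number(m[1]);
    if (index >= HARDENED) throw new Error(`index out of range: ${part}`);
    return { index, hardened: m[2] !== "" };
  });
}

// Decide whether a derivation path may be used while appName is open.
function checkPathForApp(path, appName) {
  if (!COIN_TYPE.has(appName)) return { ok: false, reason: "unknown app" };
  let parts;
  try {
    parts = parsePath(path);
  } catch (e) {
    return { ok: false, reason: e.message };
  }
  if (parts.length < 2) return { ok: false, reason: "path too short" };
  const [purpose, coin] = parts;
  if (!purpose.hardened || !PURPOSES.has(purpose.index)) {
    return { ok: false, reason: "unexpected purpose" };
  }
  if (!coin.hardened) return { ok: false, reason: "coin type not hardened" };
  if (coin.index !== COIN_TYPE.get(appName)) {
    return { ok: false, reason: `coin type ${coin.index}' does not belong to ${appName}` };
  }
  return { ok: true, reason: "coin type matches app" };
}

// Constructed sample requests: [path, app open on the device].
const samples = [
  ["84'/0'/0'/0/0", "Litecoin"], // Bitcoin path under the Litecoin app: rejected
  ["84'/2'/0'/0/0", "Litecoin"], // Litecoin path under the Litecoin app: accepted
  ["84'/0'/", "Bitcoin"],        // truncated path: rejected as malformed
];
for (const [path, app] of samples) {
  console.log(app, path, checkPathForApp(path, app));
}
```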
Ledger, a known vulnerability
This problem was reported to Ledger more than a year ago, on January 18, 2019, but nothing has been done about it. It has therefore been published, so Ledger will now have to intervene to fix the problem.
These are the versions affected by the problem, so check whether your Ledger is involved:
- Firmware: all versions. Currently 1.6.0;
- App versions: all versions. Currently 1.4.3;
- Applications: any application derived from the Bitcoin application, as per btchip_context.h;
- Applications tested: Bitcoin Testnet, Litecoin.
What is most puzzling about Ledger is the number of bugs that are cropping up.
For example, there is the recent vulnerability discovered in the Ledger Nano X, and the data breach confirmed a couple of days ago, in which more than 1 million email addresses of more than 9,500 customers were stolen.
Let's not forget that criminals now have this data and could exploit it for their own benefit, targeting everyone who owns a device containing this vulnerability.