15-Year-Old Teenager Compromises Ledger Hardware Wallet Security

French company Ledger, known for its hardware wallets used to store cryptocurrency, has always expressed strong confidence in the security of its products. Ledger devices use a “cryptographic attestation” mechanism, which supposedly guarantees 100% protection against counterfeit devices, as only authorized code can run on the wallet. The company is so confident in its devices’ security that it doesn’t even seal its boxes with tamper-evident stickers.

Back in 2015, Ledger representatives claimed that attackers would never be able to replace or modify the firmware of their hardware wallets and pass attestation without knowing the private key. Because of this, developers stated that it was safe to buy a Ledger wallet even from eBay.

However, these claims of complete security were called into question this week by a 15-year-old teenager from the UK named Saleem Rashid. On his personal blog, Rashid published a detailed article describing how he compromised the Ledger Nano S and Ledger Blue devices. A demonstration of the attack is shown below.

The researcher describes and demonstrates a proof-of-concept exploit that allowed him to install a stealthy backdoor on the devices, just 300 bytes in size. This attack falls under the “evil maid” category, meaning the attacker needs at least brief physical access to the device—like a maid cleaning a hotel room.

After the device is compromised and the backdoor is installed, it generates predetermined wallet addresses and recovers passwords in a way that the attacker knows them. As a result, the attacker can perform various illegal actions, including redirecting any payment to their own address.

Rashid discovered the vulnerability that allowed him to compromise the hardware wallets back in November 2017 and notified the developers. Two weeks ago, Ledger released a patch for the Nano S. The company’s security director emphasized that the fixed issue was not critical and that the attack did not allow extraction of private keys or seed phrases. Developers also stated that a patch for Ledger Blue is still in the works, but assured users that Rashid’s backdoor would be detected when Ledger devices connect to company servers (for app downloads or firmware updates). However, Rashid’s detailed report, published after the fix, proved that Ledger’s statements were not entirely accurate.

Rashid writes that he has not yet checked whether the new Nano S patch neutralizes the issue he found, but he doubts that the backdoor cannot be adapted to work with patched wallets. The problem Rashid discovered is essentially hardware-based.

Ledger Blue and Nano S devices are equipped with ST31H320 microcontrollers from STMicroelectronics. These chips handle the aforementioned cryptographic attestation and are referred to by the company as the Secure Element. However, the secure microcontroller does not support displays, USB connections, or high-bandwidth operations. Because of this, engineers had to add another microcontroller, the STM32F042K6, which acts as a proxy and is called the MCU.

The MCU serves as an intermediary between the wallet’s hardware and the Secure Element, communicating with the USB host, built-in display, and device buttons. Rashid’s backdoor forces the MCU to show the Secure Element the original, “clean” firmware, while in reality, the attacker’s code secretly makes the MCU perform various unauthorized actions.

Rashid’s work has already been reviewed by well-known cybersecurity experts, who agreed with his conclusions. For example, Matt Green, a cryptography professor at Johns Hopkins University, commented to ArsTechnica:

“[Ledger’s developers] are trying to solve a fundamental hardware problem. They need to verify the firmware running on the processor. But their secure chip can’t see the code running on that processor. So they have to ask the processor to provide its own code! But this is a catch-22, because the processor could be running malicious code, so you can’t trust its answers. It’s like asking someone who might be a criminal to provide all the information about their criminal past: it’s a trust-based system.”