Hardware wallets enable transactions via a connection to a USB port on the users machine, but they dont share the private key with the host machine impossible malware to harvest the keys.
Saleem Rashid has found a way to retrieve the private keys from Ledger devices once obtained a physical access to the device.
The researchers discovered that a reseller of Ledgers devices could update the devices with malware designed to steal the private key and drain the users cryptocurrency accounts when the user will use it.
Giving a close look at the Ledgers hardware device, Saleem Rashid discovered that they include a secure processor chip and a non-secure microcontroller chip. The nonsecure chip is used for different non-security tacks such as displaying text on the display. The problem ties the fact that the two chips exchange data and an attacker could compromise the insecure microcontroller on the Ledger devices to run malicious code in stealth mode.
Even is Ledger devices implement a way to protect the integrity of the code running on them, the expert developed a proof-of-concept code to bypass it and run malicious code on the products.
Youre essentially trusting a non-secure chip not to change whats displayed on the screen or change what the buttons are saying, Rashid told to the popular cyber security expert Brian Krebs. You can install whatever you want on that non-secure chip, because the code running on there can lie to you.
Rashid published a resea...