- Nov 5, 2011
- 5,855
Cryptocurrency wallets were invented to allow those who owned cryptocurrencies, such as Bitcoin, to have an easy way to store and access them via hardware. For a long time, the makers of these devices marketed their products as tamper-proof and capable of keeping any and all of their contents safe. But as it turns out, they are so open to vulnerabilities that a 15-year-old self-taught programmer was able to put together a proof-of-concept that showed a number of ways in which they could be “attacked.”
In the case of the 15-year-old would-be hacker, the target was the Ledger Nano S, a hardware wallet designed by France-based Ledger, a company which liked to boast about the capabilities of their specialized hardware when it comes to storing cryptocurrencies. Through its marketing materials and press releases, the company stated numerous times that their reliance on “cryptographic attestation” allowed their devices to use digital signatures that were impossible to forge, thereby letting only authorized code to run on their products.
But the work of one U.K. teenager named Saleem Rashid has exposed it as nothing more than smoke and mirrors, as he posted the details of how their technology could be entered and used for nefarious purposes on his own personal blog. Rashid’s proof-of-concept code allowed him to enter the company’s $100 hardware wallet, called the Ledger Nano S, through a backdoor that gave him full access to it.
...read more on the website...
In the case of the 15-year-old would-be hacker, the target was the Ledger Nano S, a hardware wallet designed by France-based Ledger, a company which liked to boast about the capabilities of their specialized hardware when it comes to storing cryptocurrencies. Through its marketing materials and press releases, the company stated numerous times that their reliance on “cryptographic attestation” allowed their devices to use digital signatures that were impossible to forge, thereby letting only authorized code to run on their products.
But the work of one U.K. teenager named Saleem Rashid has exposed it as nothing more than smoke and mirrors, as he posted the details of how their technology could be entered and used for nefarious purposes on his own personal blog. Rashid’s proof-of-concept code allowed him to enter the company’s $100 hardware wallet, called the Ledger Nano S, through a backdoor that gave him full access to it.
...read more on the website...
