Hardware Wallet Hack: Ledger Nano S - f00dbabe

Hardware Wallet Hack: Ledger Nano S - f00dbabe

Channel:
United States LiveOverflow
Subscribers:
920,000
Published on ● Video Link: https://www.youtube.com/watch?v=nNBktKw9Is4


Duration: 15:34
264,783 views
6,470

It was found that the Ledger Nano S bootloader can be tricked into flashing and executing untrusted firmware.

Research Site: https://wallet.fail/
Twitter: https://twitter.com/walletfail
Thomas Roth: https://twitter.com/stacksmashing
original wallet.fail talk: https://www.youtube.com/watch?v=Y1OBIGslgGM

The bootloader is used to update the firmware of the 'non-secure' processor in the Ledger Nano S and has full control over the display, USB and the buttons. Time might tell how critical this issue actually is, a strong proof-of-concept still requires a lot of work and maybe the guys from wallet.fail will publish more in the future. Or join the security research and play around with it yourself!

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

-=[ 📄 P.S. ]=-

All links with "*" are affiliate links.
LiveOverflow / Security Flag GmbH is part of the Amazon Affiliate Partner Programm.

#HardwareSecurity #SecurityResearch



Other Videos By LiveOverflow


2019-02-05Forensics with fls, Volatility and Timeline Explorer - ft. 13cubed
2019-02-01Identify Bootloader main() and find Button Press Handler - Hardware Wallet Research #5
2019-01-25Setup and Find Entry-point in ARM Firmware - Hardware Wallet Research #4
2019-01-21XS-Search abusing the Chrome XSS Auditor - filemanager 35c3ctf
2019-01-21[Live] Making-of a LiveOverflow CTF video write-up 2019 (35c3ctf)
2019-01-18Remote Debugging ARM Chip with SWD/JTAG - Hardware Wallet Research #3
2019-01-11Looking at the PCB & Chips - Hardware Wallet Research #2
2019-01-07Support LiveOverflow: Patreon & YouTube Membership
2019-01-04Threat Models - Hardware Wallet Research #1
2019-01-01Gynvael's Winter GameDev Challenge 2018/19
2018-12-28Hardware Wallet Hack: Ledger Nano S - f00dbabe
2018-12-25Jump Oriented Programming: Ethereum Smart Contract #2 - Real World CTF 2018
2018-12-21Ethereum Smart Contract Hacking - Real World CTF 2018
2018-12-14Going to Chinese Hacking Competition - Real World CTF Finals
2018-12-07OsmocomBB: Open Source GSM Implementation - Motorola Calypso Chip
2018-11-30Nintendo Switch (NVIDIA Tegra X1) - BootROM Vulnerability
2018-11-23End-to-End Encryption in the Browser Impossible? - ProtonMail
2018-11-16Identifying Good Research to actually Learn Something - Cross-site Scripting
2018-11-09Student Finds Hidden Devices in the College Library - Are they nefarious?
2018-11-02Analysing a Collection of Windows Binaries and Embedded Resources - FLARE-On 2018
2018-10-26Basic Windows Reversing and Attacking Weak Crypto - FLARE-On 2018


Tags:
Live Overflow
liveoverflow
hacking tutorial
how to hack
exploit tutorial
nano s
ledger
ledger nano s
cryptocurrency
cyrpto
bitcoin
ether
ethereum
monero
wallet
hardware wallet
crypto wallet
hacking wallet
hack wallet
private key
recovery seed
ledger.fr
F00DBABE
foodbabe
bootloader
stm31
stm32
stm32f04
malware
malicious code
flash
memory map
mapped memory
nvm
apdu
secure element
mcu
ledger blue