- In a recent tweet by Ledger, they have thanked Kraken for reporting issues in their hardware wallet.
- They have added that user security is their priority and that all the digital assets in their Ledger Nano X remain secured.
- Ledger mentioned Nano X’s security lies in the Secure Element, not the MCU sign.
In a recent tweet by Ledger, they have thanked Kraken for reporting issues in their hardware wallet. They have added that user security is their priority and that all the digital assets in their Ledger Nano X remain secured. They have also announced that they have patched the issues with the latest update. Also, Nano X’s security lies in the Secure Element, not the MCU sign.
Thank you @krakenfx for the great report. Users' security is our top priority. Rest assured that #crypto on your #Ledger Nano X remain secure. Its security relies on the Secure Element – not the MCU chip. We patched this with the latest firmware update:https://t.co/z6skQbQE0J
— Ledger (@Ledger) July 8, 2020
Attackers Can Control The Devices Connected With The Ledger Wallet
Kraken, the US-based cryptocurrency exchange, and its cybersecurity subsidiary Kraken Security Labs have found some issues in Ledger’s Nano X wallets. These potential attacks are very harmful as the attackers can very easily manipulate all the computers that are linked with the Malware wallets and run malicious content on them. The attack mainly targets the Nano X wallets operated before the user receives the wallet. Either if the wallet intercepted during shipment processes or in case the wallet obtained from a malicious seller. Fortunately, the issue patched, and now the hardware wallet is all safe.
The Nano X, the latest hardware wallet launched in 2019, comes with extraordinary features. For instance, Nano X can work wirelessly with Bluetooth and is also rechargeable.
The Recent Firmware Update
In one of Ledger’s recent blog posts, all the issues in the firmware version 1.2.4-2 of Ledger Nano X fixed. They have also confirmed that the discovered vulnerability is entirely physical, and it would in no way affect the attacks performed remotely. Their assets are safe, and Ledger Nano S is also not affected in any way.
The newly released firmware updates for the Ledger Nano X will simultaneously update its MCU firmware. In the new update, the MCU chip will be locked, which will completely prevent any malicious attacks from entering inside it. What happens is that the small vulnerability is unable to operate, and it becomes useless because it heavily relies on the operations of the MCU chip. The Secure Element chip will now validate the code running in the MCU chip, making MCU extra secure. Additionally, no user data stored in the MCU, so it cuts down most of the vulnerability.