Sign up to our free weekly IndyTech newsletter delivered straight to your inbox
Sign up to our free IndyTech newsletter
A teenage British hacker has exposed a vulnerability in one of the world's best-selling cryptocurrency wallets.
Saleem Rashid, 15, broke into Nano S and Nano Blue devices from French hardware company Ledger after discovering a flaw that enabled him to access the products' keys and thereby gain control of the coins within.
Like passports and identity cards, Ledger's Nanos contain "secure element" chips that store payment information but which have to be connected to a micro-controller to be viewed on screen.
Rashid discovered that, by manipulating the micro-controller through the installation of his own version of the firmware that runs the Nano S, he could access its contents.
The discovery, known as a "supply chain attack", means that any Nano bought from a third party seller, for instance on eBay or Amazon, could potentially be tampered with and rendered vulnerable to theft, according to Quartz.
Rashid described the process as "trivial" in a subsequent blog post, leading Ledger's CEO Eric Larcheveque to accuse him of carrying out an "unfortunate publicity stunt".
The company's chief security officer Charles Guillemet said the crack Rashid had discovered was "serious but not critical" and that a security update for the Nano S was now available with a fix for the Blue to follow within weeks.
The discovery raises fresh concerns about the safety of the cryptocurrency sector, which has been routinely criticised as an unregulated Wild West since its inception in 2009.
While market leader bitcoin prides itself on the security of its blockchain - the public ledger that records all transactions - other aspects of this emerging industry like wallets and exchanges are less watertight.
Twitter, Google and Facebook have all banned cryptocurrency promotions since the turn of the year in a bid to protect consumers while the UK's Chancellor Philip Hammond yesterday announced the formation of a new task force to serve British interests.
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies
Join our commenting forum
Join thought-provoking conversations, follow other Independent readers and see their replies