News All Ledger wallets have a bug that lets hackers...

All Ledger wallets have a bug that lets hackers steal your cryptocurrency

-

- Advertisment -

All Ledger wallets have a bug that lets hackers steal your cryptocurrency

Cryptocurrency enthusiasts who rely on Ledger hardware wallets to keep their coins safe ought to exercise extreme caution when sending funds: sticky-fingered hackers might be out to re-route your digital cheddar away from your intended recipient and straight to their own wallets instead.

The company has taken to Twitter to remind users to “always verify [their] receiv[ing] address” on their devices’ screen manually by using the “monitor screen” button at the bottom of each transaction request form.

Referring to a recent vulnerability report from DocDroid, Ledger acknowledged that its hardware wallets suffers from a flaw that makes it possible for attackers to infect it with malware, designed to trick you into sending your cryptocurrency to the hackers.

“Ledger wallets generate the displayed receive address using JavaScript code running on the host machine,” the report reads. “This means that a malware can simply replace the code responsible for generating the receive address with its own address, causing all future deposits to be sent to the attacker.”

What is even worse is that – due to Ledger’s design which requires new addresses be generated consistently – users have no viable options to “verify the integrity of the receive address.” This could dupe users into thinking the displayed receiving address is indeed authentic, while this might not at all be the case.

The DocDroid report further indicates that all Ledger software could be exploited and modified by even unprivileged malware, which means attackers could abuse its system without any need to gain administrative rights.

The wallets also have no implementation in place to check for integrity and ensure anti-tampering. Indeed, the report claims Ledger wallets are so poorly designed that pre-infected devices could exploit users’ first-ever transaction to jack their crypto.

DocDroid disclosed the vulnerability to the Ledger a month ago, but its team preferred to fix the flaw by raising awareness about it – instead making changes to its code and interface.

Responding to annoyed customers on Twitter, Ledger said that the issue “cannot be solved in the absolute.”

A malware can always change what you see on your computer screen,” the company wrote. “The only solution is prevention and building an UX to make the user check on its device. On device verification feature has been added [six] month ago already.”

So next time you’re making a transaction with your Ledger wallet, better take your time to make sure everything is in check: you might be risking getting all of your coins jacked.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest news

Make Fast and Secure Trades Using Bitengo.io

Bitengo.io is a Cryptocurrency trading platform that allows users to buy and sell their Cryptocurrency in a...

Network Security Using Cryptography: Everything you need to know

This article will describe what is Network Security Using Cryptography and everything you need to know before...

Mercuriex Cryptocurrency Exchange Launches New Utility Token, SURF

MercuriEx Cryptocurrency Exchange, originally developed in 2017, came under new ownership in December 2019. Since taking over the exchange,...

Fungibility: Bitcoin Mixers Favorite Term That No One Understands

Fungibility, perhaps the most important concept when dealing with a decentralized and anonymous currency, but does bitcoin...
- Advertisement -All Ledger wallets have a bug that lets hackers steal your cryptocurrency

Crypto can’t thrive in the real world – but stablecoins can

We can safely say that the hype about cryptocurrencies is pretty much over. The claims of Bitcoin...

How to double your crypto

Most of us have a small gambler deep inside our souls. We love to feel the thrill...

Must read

Make Fast and Secure Trades Using Bitengo.io

Bitengo.io is a Cryptocurrency trading platform that...
- Advertisement -All Ledger wallets have a bug that lets hackers steal your cryptocurrencyAll Ledger wallets have a bug that lets hackers steal your cryptocurrency

You might also likeRELATED
Recommended to you