A critical vulnerability was discovered in Ledger's hardware crypto

It is generally accepted that crypto-currency hardware wallets are very reliable, and therefore are best suited for storing their savings and conducting various transactions. One of the most successful devices last year was the French hardware cryptic escort Ledger, whose sales quickly passed over a million devices. But recently, representatives of the developer company reported that a critical vulnerability was discovered in Ledger, allowing to substitute the final purses and steal the crypto currency belonging to the recipient.

To send money or download the address of the recipient to Ledger, it must be connected to the Internet – at this stage, the attackers and get access to the device. Ledger wallets create a display address using JavaScript, and malware has the ability to substitute the address with an attacker's address, after which all the money intended for the recipient will go to the scammers, and the sender will be sure that everything is in order.

While the vulnerability in the purse no one was hurt, but the developers posted on the site a video with a demonstration proving that it is quite real and dangerous. It is noted that the purse software stored on the PC in the AppData folder can also be attacked by scammers after substituting the address of the recipient.

Avoiding the trick of hackers can be quite simple: the developers recommend that before making transactions, always check the correctness of the recipient's address – just click the button with the monitor image. After that, the user can independently confirm the correctness of the transaction with one more click.

Even despite the occasional "holes" in the security of such devices, the use of hardware wallets is still one of the most effective and safe options for storing crypto currency, as there are absolutely no solutions at the moment.

Chat about crypto-currencies .
Chat about iron and mining .

Leave a Reply