Ledger hardware wallet vulnerability ALERT: Man In The Middle

  • This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Adriaan Admin

Administrator
Staff member
Jan 30, 2018
231
45
28
www.bitcoinforbeginners.io
#1
A new vulnerability has been discovered related to the Ledger hardware wallets. In fact it doesn't apply to the device's safety itself but rather the wallet app software on your computer that users need to operate it. It is called Man In The Middle and the way it works is that if your computer is infected with a virus that exploits the vulnerability it can very easily replace a line of code in the Ledger wallet app in your browser and will replace the wallet address generator function by a function that will show you the hacker's address on your computer screen as a receiver address. Funds sent to that address will be available for the hacker, not for the Ledger user!

The way to protect yourself is to ALWAYS DOUBLE CHECK a new receiver address from your wallet app by confirming it on the Ledger device itself as well: if the Ledger device and your computer screen display the same receiver address, then you are good to go! If not, then your device is infected and you should NOT use the wallet software until you have appropriately taken care of the virus on your computer.

Users can verify a wallet address by clicking the "monitor" button in the wallet app. See the Tweet of Ledger how to do that, with image.

Or read the full article from bitcoin.com

Fellow community members: be aware and cautious all the time
 
Last edited:
Likes: staff