LEDGER "BEWARE the Middle Man" Hack - Threatens Users - PROTECT YOURSELF

in #ledger7 years ago (edited)

ledger hacked.jpg

With over 1 million devices sold last year, this is definitely a story worth sharing. There has been a major vector attack recently discovered. Although there have not yet been any successful hacks, the attempt has been recognized, and the threat itself it very real.

ALL ledger users must further scrutinize the transaction process, VERIFY the address on your device, as the middle man attack can alter the address you are sending digits to.

USB cold storage eliminates the sort of hack where someone can steal your funds with simply a computer and some hacking capabilities.. where a physical button must be pushed in order to complete the transactions.

Though, if a hacker can manage to alter the address you are sending funds to and you don't double check the address lit up on the ledger devices display interface, than you may physically verify the transaction to be sent to the 'lucky' hacker.

If this attack is successful, the user would not even know they were being targeted.

"Ledger wallets generate the displayed receive address using JavaScript code running on the host machine…malware can simply replace the code responsible for generating the receive address with its own address, causing all future deposits to be sent to the attacker." https://news.bitcoin.com/ledger-addresses-man-in-the-middle-attack-that-threatens-millions-of-hardware-wallets/ “All the malware needs to do is replace one line of code…this can be achieved with less than 10 lines of python”.

To avoid being victimized. Always verify your receive address, you can find it here on the "monitor button"

Ledger states that it would be better to "force" the client to double check the address just like the wallet 'forces' the user to approve every outgoing transaction.

That is the system that Trezor currently uses. Check out our hardware wallet video!

Trezor mandates the use of 2FA to access the receive address. Pretty cool.

trezor.png

Two factor authentication - check out a video we've put together to help you understand why 2FA is important.

Hardware wallets are still SOOOO much safer than leaving your funds on an exchange or in a place where you don't own the private keys(password), though the best security is your own attentiveness.

It would be nice to see all hardware wallets incorporate 2FA. Protect yourself.

Check us out at

https://www.shredtoken.io
https://www.linkedin.com/company/18371202/
https://www.youtube.com/channel/UCt7-iN40nrBdLyrjz-DCPzA?view_as=subscriber
https://twitter.com/ShredToken
https://www.instagram.com/shredtoken/

Shred Token Logo White Text Black Stroke.png

#hack #wallet #safety #news
7 years ago in #ledger by
$0.05
  • Past Payouts $0.05
  • - Author $0.05
  • - Curators $0.00
4 votes
Reply 1
Sort:  
  • Trending
    • [-]
     7 years ago 

    Congratulations @shredtoken! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

    Award for the number of posts published
    Award for the number of upvotes received

    Click on any badge to view your own Board of Honor on SteemitBoard.
    For more information about SteemitBoard, click here

    If you no longer want to receive notifications, reply to this comment with the word STOP

    By upvoting this notification, you can help all Steemit users. Learn how here!

    Coin Marketplace

    STEEM 0.16
    TRX 0.16
    JST 0.028
    BTC 71218.74
    ETH 2484.92
    USDT 1.00
    SBD 2.40