You are viewing a single comment's thread from:

RE: AND IT HAPPENED! Hardware Wallet Hacked!

in #steemit7 years ago (edited)

It seems that the hardware wallet wasn't hacked, the user was manipulated to use an existing seed.
OP states on reddit:

The Ledger came with a recovery sheet which had a 24 word recovery seed, to see the seed I had to scratch off the silver foil/paint that was covering it.

https://np.reddit.com/r/ledgerwallet/comments/7obot7/all_my_cryptocurrency_stolen/ds8khhw/

Looks like a scam method from resellers of ledgers to put a "recovery sheet" with that product, so they have access to the wallet.

TLDR: Op used the recovery words that someone put on a sheet of paper when the Nano was shipped.
If you did this as well please move your funds immediately. See the image below.
https://imgur.com/DsICkge

https://np.reddit.com/r/ledgerwallet/comments/7obot7/all_my_cryptocurrency_stolen/ds8kuh4/

It's like phishing. It's way easier to engineer the user to drop every security measure instead of actually hacking something.

7 years ago in #steemit by
$3.22
  • Past Payouts $3.22
  • - Author $2.42
  • - Curators $0.81
2 votes
Reply 1
Sort:  
  • Trending
    • [-]
     7 years ago 

    Very similar to my proposal for attack in my original argument. The "recovery" method being the back door:

    Backups and recovery
    You probably are saying by now, the ability to recover your keys is built into the hardware wallet. That being the case means you are now trusting the hardware vendor with your private keys instead of an exchange or your computer. Think about this, if you can recover your private keys from my server after loosing your device, are they really YOUR "PRIVATE" keys? The answer becomes no, you just are trusting the hardware wallet vendor instead of your exchange or another third party!

    $0.00
      Reply

      Coin Marketplace

      STEEM 0.17
      TRX 0.16
      JST 0.029
      BTC 75969.36
      ETH 2843.76
      USDT 1.00
      SBD 2.56