• Press Releases
    • Submit a press release
    • Read All
  • Contact us
Advertise
Bitcoinist.com
No Result
View All Result
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
        • Ethereum Casinos
        • Solana Casinos
        • LiteCoin Casinos
        • DogeCoin Casinos
        • Live Crypto Casinos
        • New Casinos
        • Instant Withdrawal Casinos
        • Cash App Casinos
        • No KYC Casinos
        • VPN Casinos
        • Offshore Casinos
          • Crypto Casinos IT
          • Crypto Casinos ES
            • All Guides
          • Crypto Casinos JP
          • Crypto Casinos SG
          • Crypto Casinos MY
          • Crypto Casinos KR
          • No GAMSTOP Casinos in UK
          • No Cruks Casinos NL
      • Crypto Betting
        • No ID sportsbooks
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
        • Aviator Sites
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Breaking News: BREAKING: Saylor's Strategy Misses S&P 500 Inclusion, Robinhood Takes Spotlight
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
        • Ethereum Casinos
        • Solana Casinos
        • LiteCoin Casinos
        • DogeCoin Casinos
        • Live Crypto Casinos
        • New Casinos
        • Instant Withdrawal Casinos
        • Cash App Casinos
        • No KYC Casinos
        • VPN Casinos
        • Offshore Casinos
          • Crypto Casinos IT
          • Crypto Casinos ES
            • All Guides
          • Crypto Casinos JP
          • Crypto Casinos SG
          • Crypto Casinos MY
          • Crypto Casinos KR
          • No GAMSTOP Casinos in UK
          • No Cruks Casinos NL
      • Crypto Betting
        • No ID sportsbooks
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
        • Aviator Sites
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Bitcoinist.com
No Result
View All Result
Breaking News: BREAKING: Saylor's Strategy Misses S&P 500 Inclusion, Robinhood Takes Spotlight

Ledger Hardware Wallets Vulnerable to ‘Man in the Middle’ Attacks

Patrick Smith
by Patrick Smith
7 years ago
·
Posted in News, Altcoin News, Bitcoin, Bitcoin Wallet, Ethereum, Hardware, News teaser
Trusted Editorial content, reviewed by leading industry experts and seasoned editors. Ad Disclosure

Ledger hardware wallets, once considered one of the safer methods to store cryptocurrency, have been reported to be vulnerable to “man in the middle” attacks.


The Flaw

A team of unknown security researchers exposed a vulnerability that allegedly involves all Ledger hardware wallets. The discovery of the issue is said to have affected over one million users and has made it evident that the devices are not a foolproof method of storing crypto.

The newfound threat allows cybercriminals to show fraudulent addresses to ledger users/ customers in order to drain the user’s wallet and transfer the contents into their own wallet.

The problem was addressed by Ledger on February 3rd when the company Tweeted a report containing details of the vulnerability. The report offers preventative steps to avoid falling victim to attack but does not offer a real fix or solution.

To mitigate the man in the middle attack vector reported here https://t.co/GFFVUOmlkk (affecting all hardware wallet vendors), always verify your receive address on the device's screen by clicking on the "monitor button" pic.twitter.com/EMjZJu2NDh

— Ledger (@Ledger) February 3, 2018

The security researchers behind the discovery reported that Ledger did not take the findings seriously, saying

We contacted the CEO and CTO of Ledger directly in order to privately disclose and fix the issue. We’ve received a single reply, asking to hand over the attack details. Since then, all our mail have been ignored for three weeks, finally receiving an answer that they won’t issue any fix/ change.

Instead, the company plans on raising public awareness so that users can protect themselves from these types of attacks.

How It’s Done

A Ledger wallet creates a brand new address every time a payment is to be received, however, a man-in-the-middle attack will transfer the cryptocurrency to a fraudulent address instead of the user’s wallet. The report released by Ledger states that the attack is carried out when a Ledger customer uses a computer infected with malware, allowing the cybercriminal to interfere with the addresses that the cryptocurrency is intended for.

Once the computer is compromised, the attacker can discreetly change the code used to generate the unique address and, consequently, deposit the balance in their own wallet.

This is due to the wallet using a JavaScript code running on the computer. A computer infected with the malware only needs to replace the code that generates the receiving address with a code that leads to the attacker’s wallet.

Man in the Middle Attack

Preventing Attack

The report went on to mention suggestions for preventing an attack. It stresses that users verify the wallet address that funds are being sent to before transferring. A user can check this by clicking on the button below the QR Code to display the address of the hardware wallet and verify it. (Shown above in Tweet)

As it continues, the report explains that the module is not applicable on the Ether wallet interface from Ledger due to the fact that the Ethereum app does not have mitigation, leaving the user unable to confirm whether the address is correct or not. As a result, the unnamed authors of the report suggested

If you’re using the Ethereum App – Treat the Ledger hardware wallet the same as any other software-based wallet, and use it only on a Live CD operating system that is guaranteed to be malware-free. At least until this issue receives some kind of fix.

Do you have a Ledger product? What are your thoughts on these new attacks? Let us know in the comments below!


Images courtesy of Pixabay, LinkedIn

Editorial Process for bitcoinist is centered on delivering thoroughly researched, accurate, and unbiased content. We uphold strict sourcing standards, and each page undergoes diligent review by our team of top technology experts and seasoned editors. This process ensures the integrity, relevance, and value of our content for our readers.
ShareTweetShareShare

Sign Up for Our Newsletter!

For updates and exclusive offers enter your email.

I consent to my submitted data being collected and stored.
Patrick Smith

Patrick Smith

Follow

Full Profile

Related Posts

Bitcoin

Over 1 Million In Bitcoin Locked In Treasuries As Institutions Pour In $1 Billion

12 hours ago
Ethereum ETFs

US Ethereum ETFs Surpass Weekly Record With $787M Outflow — Details

14 hours ago
Bitcoin

$5 Billion Bitcoin Treasure Tied To Piracy Website Found In German Wallets

16 hours ago
Ethereum

Ethereum Holdings On Centralized Exchanges Plummet —  Supply Shock Imminent?

16 hours ago
Bitcoin

Bitcoin Indicator Re-Enters Accumulation Zone After 147 Days – Details

19 hours ago
Bitcoin

$6B In Bitcoin: Marathon Digital Treasury Now 2nd-Largest Among Public Firms

1 day ago
Please login to join discussion

Premium Sponsors

Press Releases

  • miner

    XRP price battles for key support levels, with holders...

    1 day ago
  • miner

    Global Investors Tap BAY Miner App for BTC and XRP Monthly...

    1 day ago
  • Cloud Mining

    From Holding to Profit: How XRP Earns $27,000 Daily from...

    2 days ago
  • minwer

    XRP Holders Can Earn $10,000 a Day Through COME...

    2 days ago
  • BTC prices hit a two-week high, and holders flocked to GMO...

    2 days ago

Bitcoin news portal providing breaking news, guides, price analysis about decentralized digital money & blockchain technology.

Bitcoin

  • News
  • Price
  • Businesses
  • Acceptance
  • Technology
  • Investment
  • Regulation
  • Reviews

Altcoins

  • News
  • Price
  • Ethereum
  • Ripple
  • Litecoin
  • EOS

Categories

  • Blockchain
  • Security
  • FinTech
  • Technology
  • Trending
  • Breaking News
  • Press Releases
  • How to

About Us

  • Advertise
  • Contact us
  • Editorial Policy
  • Privacy Policy
© 2025 Bitcoinist.com. All Rights Reserved.
  • Bitcoin
    • News
    • Price
    • Businesses
    • Acceptance
    • Technology
    • Investment
    • Regulation
    • Reviews
    • All Bitcoin News
  • Altcoins
    • News
    • Price
    • Ethereum
    • Ripple
    • Litecoin
    • EOS
    • NAGA
    • All Altcoin News
  • Tech
    • Blockchain
    • Security
    • FinTech
    • Price
      • Bitcoin Price
      • Ethereum Price
      • Binance Coin Price
      • Litecoin Price
  • Industry
    • Industry News
    • Press Releases
  • How to
    • Buy gift cards/mobile Top Ups with Cryptos
    • What Is Bitcoin?
    • Best Bitcoin Wallet
    • Bitcoin vs Ethereum
    • Why Use Blockchain Technology?
    • Bitcoin Cash ABC vs. Bitcoin Cash SV
    • How to Buy Cryptocurrency
    • How to do Crypto Gambling
      • Crypto Casinos
      • Crypto Betting
    • Play Crypto Games
      • Crypto Poker
      • Crypto Slots
      • Crypto Blackjack
      • Crypto Crash Gambling
      • Plinko
    • Bitcoin Mining
    • Best Bitcoin Brokers
    • Best Bitcoin Forex Brokers
    • How To Earn Bitcoin
    • What is Facebook Libra?
    • Ripple and XRP: The Complete Guide
  • Events
  • Play Games
Advertise

© 2025 Bitcoinist. All Rights Reserved.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Center or Cookie Policy.