Ledger Hardware Wallet to Issue Exploit Fix to Prevent Users from Sending BTC on Accident

Hardware crypto wallet, Ledger, can be exploited causing users to lose their funds, software researcher reveals. Ledger claims the vulnerability is due to a tradeoff between security and usability of the wallet. According to the firm’s spokesperson, the issue is now fixed with a confirmation prompt displayed.

According to a blog published by Mo Nokhbeh, a crypto software researcher, the Ledger Wallet app is in danger of exploitation due to a vulnerability that has persisted on the platform since 2019. According to Mo, a user can send Bitcoin (BTC) instead of other Bitcoin forks such as the BTC testnets, Litecoin, Bitcoin Cash etc. without their knowledge if even if they had selected the ‘forks’.

To use the Ledger hardware wallet, a user must install the corresponding app on to the USB drive allowing users to hold different types of digital currencies. However, only one app is able to be open at a time to ensure security and total isolation of the apps.

An issue arises with BTC and its corresponding forks for example if your Litecoin app is open and live and you’d wish to send LTC, the wallet will prompt a confirmation of a Bitcoin transaction while the interface presents it as an LTC transaction to a Litecoin address. If you accept the confirmation, a fully valid BTC transaction will be sent out of your wallet instead of the cheaper altcoin forks.

Read More >> Data Breach at Popular Hardware Crypto Wallet Ledger Affects Million; Trezor Fires Shots

Interactions with Ledger

Mo has been vocal to the Ledger team on the vulnerability of their platform, but claims his cries fell on deaf years with the issue persisting for the past year and a half. In a response posted on Decrypt, a spokesperson from Ledger said the delays were mainly due to the communications channels the security researcher used. The spokesperson said,

“The researcher contacted us through many means—mainly Twitter DMs. The appropriate medium for bug bounty remains the dedicated email address [email protected] Due to this, our point of view on this timeline differs, and we are genuinely sorry for the miscommunication.”

However, Nokhbeh denies the claims saying the only time he sent a Twitter DM was recently in June 2020 after a number of failed tries through the official channels.

Read More>> Crypto Hardware Wallet Ledger: ‘Funds are Safe' After ‘BigSpender' Vulnerability Found

Solution to the Ledger App vulnerability

In a statement focusing on the possible exploits, Ledger said the vulnerability arose as a tradeoff between security and usability especially for the Bitcoin network. While the external security of the wallets remain solid, Ledger allows Bitcoin forks/derivatives that follow the same derivation path as the top crypto to derive public keys or sign Bitcoin transactions. It reads,

“Some BTC forks use the same derivation path as BTC. If we prevent these forks from using the BTC derivation path, this would simply prevent users from using the Ledger Nano S/X with these forks.”

The statement further states the solution to the issue has been released in a new update warning users when their intended and confirmation transactions do not match.

Get Free Email Updates!

*Action* Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

I will never give away, trade or sell your email address. You can unsubscribe at any time.

Lujan Odera
Lujan Odera
Lujan is a blockchain technology and cryptocurrency author and editor. He has worked in the field of cryptocurrencies and blockchain technology since 2015 helping him gain enough experience to be the writer he is today. He is known for his simple writing style that allows novices to understand the field in the simplest way.

[Alert] Use the author's self-conducted information at your own risk, do you own research, never invest more than you are willing to lose.

[Disclosure] The published news and content on BitcoinExchangeGuide should never be used or taken as financial investment advice. Understand trading cryptocurrencies is a very high-risk activity which can result in significant losses. Editorial Policy \\ Investment Disclaimer

LEAVE A REPLY

Please enter your comment!
Please enter your name here

3,482FansLike
2,795FollowersFollow
4,266FollowersFollow

Live Bitcoin Price & Latest BTC Charts

Today's Latest Crypto News

Investors With Low Financial Literacy Are Twice As Likely to Own Crypto vs Market Gurus: Bank of Canada Report

A new study released by the Bank of Canada has revealed that folks with lower financial literacy are more likely to own Bitcoin than...

Love it or Hate it, UNI Token Stands to Benefit from Uniswap’s Evolution

After releasing the UNI token as part of Uniswap V3, the first update for Uniswap V3 has been made on Github. It might say...

Israeli Draft Bill Proposes Bitcoin be Defined as Currency to Cut Down the Hefty Capital Gain Tax

Four members of the Knesset, Israel’s legislative body, from the Yisrael Beiteinu faction, the secular nationalist political party, have submitted a private member’s bill...

TRON Partners With BitGo To Mint New Wrapped Bitcoin And Ethereum Tokens On Its Blockchain

TRON launches wrapped Bitcoin and Ethereum on its blockchain. The blockchain aims at taking over the raging DeFi market. Tron announced a partnership with...

More Urgent than Ever – Ethereum Layer 2 Solution Goes in its First Phase of Testnet Launch

Ethereum layer 2 solution Optimism is welcoming the first phase of the Optimistic Ethereum Testnet. This development has become a necessity of the market thanks...

BitcoinExchangeGuide is a hyper-active daily crypto news portal with care in cultivating the cryptocurrency culture with community contributors who help rewrite the bold future of blockchain finance. Subscribe on Google News, see the mission, authors, editorial links policy, investment disclaimer, privacy policy. Got News? Contact us, we are human too. Note: nothing here is financial advice, do your own research thoroughly.

Start Using Crypto Today