A Newly Discovered Vulnerability in Ledger Wallet Could Be Disastrous If Not Properly Fixed

A recent report contends that the Ledger app has failed to fix a major vulnerability that allows for a “Bitcoin Fork” attack.

Mo Nokhbeh has claimed that Ledger’s wallet fails to properly isolate the apps responsible for authorizing the transactions of different assets. This creates a vulnerability where a user’s wallet can be fooled into authorizing a transaction for a less valuable asset — such as Litecoin (LTC), Bitcoin Cash (BCH) or any other Bitcoin fork coin — when in reality, a Bitcoin (BTC) transaction is being released. Nokhbeh told Cointelegraph:

“This app should be isolated such that it only signs for testnet derivation paths. However, sending it a regular mainnet bitcoin transaction will pass. In addition, it will present the TX as if it's testnet bitcoin, to a testnet bitcoin address.”

According to Nokhbeh, he made Ledger fully aware of this vulnerability, and despite acknowledging it, the company has failed to fix it. Instead, they have chosen to release an update to their existing app that will provide users with a warning prompt if such an exploit is detected.
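The isolation property Nokhbeh describes, where each coin app signs only for its own derivation paths, can be sketched as follows. This is an added example, not Ledger's code: the type and function names are hypothetical, and it assumes BIP44-style five-level paths with SLIP-44 coin types and purposes 44, 49 and 84.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HARDENED 0x80000000u
#define H(x) ((x) | HARDENED)

/* SLIP-44 coin types from the public registry. */
enum { COIN_BTC = 0, COIN_TESTNET = 1, COIN_LTC = 2, COIN_BCH = 145 };

/* Hypothetical per-app policy: the one coin type this app may sign for. */
typedef struct { const char *name; uint32_t coin_type; } app_policy_t;
static const app_policy_t TESTNET_APP = { "Bitcoin Testnet", COIN_TESTNET };
static const app_policy_t BTC_APP     = { "Bitcoin", COIN_BTC };

/* Constructed sample request: m/purpose'/coin_type'/account'/change/index. */
static const uint32_t SAMPLE_REQUEST[2][5] = {
    { H(84), H(COIN_TESTNET), H(0), 0, 7 },  /* input 0: testnet path */
    { H(84), H(COIN_BTC),     H(0), 0, 7 },  /* input 1: mainnet path */
};
/* Constructed malformed path: coin_type level is not hardened. */
static const uint32_t SOFT_COIN[5] = { H(84), COIN_TESTNET, H(0), 0, 7 };

/* True only for a five-level path whose hardened coin_type is the app's own. */
bool path_allowed(const app_policy_t *app, const uint32_t *path, size_t len)
{
    if (app == NULL || path == NULL || len != 5) return false;
    for (size_t i = 0; i < 3; i++)           /* purpose, coin, account: hardened */
        if (!(path[i] & HARDENED)) return false;
    if ((path[3] | path[4]) & HARDENED) return false; /* change, index: not hardened */
    uint32_t purpose = path[0] & ~HARDENED;
    if (purpose != 44 && purpose != 49 && purpose != 84) return false;
    if (path[3] > 1) return false;           /* change is 0 (receive) or 1 (change) */
    return (path[1] & ~HARDENED) == app->coin_type;
}

/* A signing request is refused if any single input path is outside the policy. */
bool request_allowed(const app_policy_t *app, const uint32_t (*paths)[5], size_t n)
{
    if (n == 0) return false;
    for (size_t i = 0; i < n; i++)
        if (!path_allowed(app, paths[i], 5)) return false;
    return true;
}

int main(void)
{
    printf("%s, testnet path: %d\n", TESTNET_APP.name, path_allowed(&TESTNET_APP, SAMPLE_REQUEST[0], 5));
    printf("%s, mainnet path: %d\n", TESTNET_APP.name, path_allowed(&TESTNET_APP, SAMPLE_REQUEST[1], 5));
    printf("%s, soft coin path: %d\n", TESTNET_APP.name, path_allowed(&TESTNET_APP, SOFT_COIN, 5));
    return 0;
}
```

With this policy the testnet app rejects the mainnet path outright instead of displaying it as a testnet transaction.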

We have reached out to Ledger for comment and will update pending a response.
