New vulnerability of Ledger hardware wallets threatens the safety of users’ cryptocurrency assets
According to the Docdroid portal [PDF], a man-in-the-middle attack can be carried out when the user tries to to create new address for receiving bitcoins in the Ledger wallet. If computer used in the process, infected malicious software, a hacker can secretly change the address generation code, which will allow him to receive everything transfers to your own wallet.
Fortunately, Ledger wallet users can protect themselves from this attack.. For of this they need to take advantage of an “undocumented” function with which the recipient’s address can be displayed on the device.
Besides Togo, this function extends only for receipt bitcoins. Taking on your Ethereum wallet, user does not have opportunities display the address on the device display. To to avoid hacking when working with Ethereum, Docdroid offers to download the operating system at help the Live CD until the company offers another decision.