Researcher Cracks ‘Hacker-Proof’ Crypto Wallet
April 2, 2018
Seid Yassin (557 articles)
Share

Researcher Cracks ‘Hacker-Proof’ Crypto Wallet

A hardware wallet for virtual currencies with millions of users has been compromised by a 15-year-old security researcher.

Saleem Rashid explained how he cracked the firmware on the wallet produced by Ledger in an online post Tuesday.

Rashid performed what’s known as a “supply chain” attack. That means a targeted device is compromised before any users get their hands on it.

The attack on Ledger’s US$100 Nano S wallet creates a backdoor on the device that generates predetermined wallet addresses and passwords. With that information, a bandit could perform a number of nasty deeds, including sending money from the wallet to the attacker’s account.

Rashid informed Ledger of his hack in November. Since then, the company has released a new version of the firmware that’s supposed to address the vulnerability in the Nano S, although it remains unaddressed in another model of the wallet, the Ledger Blue.

Read more
Source | technewsworld

Related articles

A New Zoom URL Flaw Let Hackers Mimic Organization’s Invitation Link

A New Zoom URL Flaw Let Hackers Mimic Organization’s Invitation Link

Android Apps Carrying Windows Malware Yanked From Google Play

Android Apps Carrying Windows Malware Yanked From Google Play

Schneider Electric: TRITON/TRISIS Attack Used 0-Day Flaw in its Safety Controller System, and a RAT

Schneider Electric: TRITON/TRISIS Attack Used 0-Day Flaw in its Safety Controller System, and a RAT