There might be $500 billion wiped away from the total cryptocurrency market cap, but now news is breaking that Ledger hardware wallets aren't very safe at all.
Ledger has posted on their Twitter account reminding users that they should "always verify [their] receiv[ing] address" by checking the "monitor screen" at the bottom of the transaction request form.
There's a major problem here is that Ledger's design is inherently flawed, as the hardware wallet requires new addresses to be generated constantly, which doesn't give owners an option to "verify the integrity of the receive address". This could lead some users to thinking that a hackers' receiving address is fine, and then transfer their crypto to them.
DocDroid's report continues, saying that all Ledger software is easily exploited and can be modified by simple unprivliged malware. This means that users can get into the system, without the requirement of administrative rights. Wow.
Ledger's wallets can't check for integrity in their current state, which means they have no anti-tampering protection from these holes. DocDroid goes for the throat, saying that Ledger wallets are so badly designed that pre-infected devices could hijack users' first-ever transaction, which is just awful.
But don't worry, because Ledger replied to the report where they said on Twitter that the issue "cannot be solved in the absolute". The company continued: "A malware can always change what you see on your computer screen. The only solution is prevention and building an UX to make the user check on its device. On device verification feature has been added [six] month ago already".
More Crypto News/Content:
- > NEXT STORY: PUBG: over 26 million sold, over 2.7 billion hours played
- < PREVIOUS STORY: Nintendo to keep selling NES and SNES Classic Editions