Image Source
Ledger is one of the most secure services in terms of cryptocurrency storage today. A reality that does not prevent it from being confronted with security vulnerabilities that need to be addressed quickly. A new breach of this kind has just been updated and it concerns Bitcoin (BTC) and its forks.
It is difficult to be a leading company in an evolving field such as cryptocurrency . This exposes many greed and large-scale malicious attacks . A fact that was further confirmed not long ago with the hack of the official website of the company Ledger and the theft of the private data of more than a million of its customers. This exposes those affected to potential targeted phishing attacks .
A problematic fact that comes in addition to recent information revealing that a new security flaw has just been detected in the hardware wallets that make the success of the French company. And this concerns Bitcoin and its (too) many forks . Information that could potentially pose a problem if it were to cross the company's customer file on the darknet .
Pay in LTC and validate a transaction in BTC
Without going into too technical details, this flaw concerns the validation of Bitcoin "type" transactions from Ledger storage keys. These are processed according to the same process whether it is Bitcoin or one of its forks such as Litecoin (LTC) or Bitcoin Cash (BCH) for example. A choice assumed and explained by the company LEDGER in December 2019 which is obviously not as secure as expected .
This is an article from site monokh which exposes this flaw for the first time . It's titled "Ledger Application Isolation Bypass." And this concerns transactions made using the Ledger wallet which could be corrupted intentionally and maliciously .
It explains how the joint management of Bitcoin forks and BTC itself could allow a transaction to be made in a cryptocurrency such as Litecoin (LTC) that would in fact hide a move of another more expensive cryptocurrency such as Bitcoin (BTC). This without the user realizing it and thus validating this operation thinking of performing the first.
In fact, a transaction for an amount of 10 LTC (approximately $ 580) could result in the payment of approximately 10 BTC ($ 113,000) , which is not the same at the current price of these two digital assets! But this obviously only concerns the fact of using a Ledger key to carry out transactions directly to applications that could take advantage of this flaw. And only in Bitcoin or one of its forks .
It seems that Ledger has not given any response following the disclosure of this flaw which dates from January 2019 or even made any changes to avoid its exploitation . Reason for which it has just been released publicly at the beginning of the week .
Please feel free to subscribe to CryptoPlanet360 on Youtube to get the latest videos about Crypto projects and Blockchain
Subscribe here: https://bit.ly/2NSkrOU
