Monday, May 16, 2022
  • Shop
  • My Account
    • Cart
    • Checkout
  • Login
NewsDigitize
  • Home
  • News
    • Google
    • Apple
    • Facebook
    • Microsoft
      • Windows
    • WhatsApp
    • Yahoo
    • Flipkart
    • Intel
    • Nvidia
    • Alibaba
    • NASA
    • IBM
    • BlackBerry
    • Linux
    • Airtel
    • Amazon
  • Social
    • Social Media
    • Twitter
    • Facebook
  • Topic
    • Technology
    • Technology company
    • Android
    • Android App
    • App
    • Smart Phones
    • Router
    • WiFi
    • Electronics
    • Space
    • Virtualization
    • Gadget
    • SEO
    • Hacking
    • Robot
    • Transportation
    • Drones
  • Internet
  • Telecom
No Result
View All Result
Plugin Install : Cart Icon need WooCommerce plugin to be installed.
NewsDigitize
  • Home
  • News
    • Google
    • Apple
    • Facebook
    • Microsoft
      • Windows
    • WhatsApp
    • Yahoo
    • Flipkart
    • Intel
    • Nvidia
    • Alibaba
    • NASA
    • IBM
    • BlackBerry
    • Linux
    • Airtel
    • Amazon
  • Social
    • Social Media
    • Twitter
    • Facebook
  • Topic
    • Technology
    • Technology company
    • Android
    • Android App
    • App
    • Smart Phones
    • Router
    • WiFi
    • Electronics
    • Space
    • Virtualization
    • Gadget
    • SEO
    • Hacking
    • Robot
    • Transportation
    • Drones
  • Internet
  • Telecom
No Result
View All Result
Plugin Install : Cart Icon need WooCommerce plugin to be installed.
NewsDigitize
No Result
View All Result

Researcher Cracks ‘Hacker-Proof’ Crypto Wallet

Chief Editor by Chief Editor
March 23, 2018
in Hacking
0 0
0
Home Hacking

A hardware wallet for virtual currencies with millions of users has been compromised by a 15-year-old security researcher.

Saleem Rashid explained how he cracked the firmware on the wallet produced by Ledger in an online post Tuesday.

Rashid performed what’s known as a “supply chain” attack. That means a targeted device is compromised before any users get their hands on it.

The attack on Ledger’s US$100 Nano S wallet creates a backdoor on the device that generates predetermined wallet addresses and passwords. With that information, a bandit could perform a number of nasty deeds, including sending money from the wallet to the attacker’s account.

Rashid informed Ledger of his hack in November. Since then, the company has released a new version of the firmware that’s supposed to address the vulnerability in the Nano S, although it remains unaddressed in another model of the wallet, the Ledger Blue.

Serious but Not Critical

For its part, Ledger discounted the severity of Rashid’s findings.

“The issues found are serious (that’s why we highly recommend the update), but NOT critical,” Ledger’s Chief Security Officer Charels Guillemet wrote in an online post. “Funds have not been at risk, and there was no demonstration of any real life attack on our devices.”

Any backdoors planted on a wallet using Rashid’s methods would be detected when the device connected with Ledger’s servers to download an application or perform a firmware update, Guillemet explained in a separate “deep dive” post about the hack.

Rashid had not yet verified if the firmware upgrade fully addressed his hack, he told Ars Technica, but noted that even if it does, the flawed design of the product makes it likely the attack could be modified to work again.

Shadow Over Wallets

Although the vulnerability discovered by Rashid may cause some concern for user’s of Ledger’s hardware wallet, it’s unlikely to create anxiety among cryptocurrency users in general.

“Ledger is a single provider of a hardware wallet. The majority of cryptocurrency users don’t use hardware wallets,” said David Johnson, CEO ofLatium, an organization that pays people in cryptocurrencies for completing crowdsourced tasks.

“I don’t believe this will have massive ramifications to the cryptocurrency community as a whole,” he told TechNewsWorld.

While the attack may not affect the wider cryptocurrency community, it could cast doubt on other hardware wallets, suggested William J. Malik, vice president of infrastructure strategies at Trend Micro.

“It implies that all cryptocurrency wallets could be suffering similar vulnerabilities,” he told TechNewsWorld.

Securing the Supply Chain

Although Ledger chose to close the vulnerability in its wallet through a firmware update, tightening its supply chain security may be essential.

“No matter how good, secure or safe a solution is, there always are — and always will be — weaknesses that can be used to crack it,” observed Kirill Radchenko, CEO of Paygine.

“The question is how expensive it is to close those gaps and to prevent bad guys from using them. In this case, using tamper-proof packaging seems to be quite a sufficient measure that can be easily implemented and that does not affect the product price,” he told TechNewsWorld.

“So if a weakness can be efficiently addressed and does not cost a fortune,” Radchenko continued, “there will be no need to change the device itself or its architecture to address the problem.”

Cryptocurrency Crypto Still Safe

Rashid’s vulnerability involved Ledger’s wallet implementation — not the security of any of the cryptocurrencies that might be stored in it, emphasized Kees Schouten, the senior director for product at NYIAX.

“The security of blockchain transactions themselves are not in doubt or exposed with this hack,” he told TechNewsWorld.

“The hack wasn’t the hack of the cryptography,” Latium’s Johnson added. “It was a hack of the wallet provider’s software. If someone had undone the actual cryptography that backs cryptocurrency, then you would have a major problem on your hands.”

Source: technewsworld.com

ShareTweetShare
Chief Editor

Chief Editor

Next Post
YouTube follows Amazon into movie theaters

YouTube follows Amazon into movie theaters

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

  • Trending
  • Comments
  • Latest
Vodafone India says IoT becoming fastest growing segment for enterprise biz; mulling narrowband IoT network

Vodafone India says IoT becoming fastest growing segment for enterprise biz; mulling narrowband IoT network

April 16, 2018
Android Oreo: 18 advanced tips and tricks

Android Oreo: 18 advanced tips and tricks

March 19, 2018
OnePlus Nord CE 2 5G India Launch Date Set for February 17, Design Tipped in Teaser Video

OnePlus Nord CE 2 5G India Launch Date Set for February 17, Design Tipped in Teaser Video

February 24, 2022
Here’s how you can de-link your Facebook profile from Instagram

Here’s how you can de-link your Facebook profile from Instagram

February 25, 2022
Apple’s plan to put health records on your phone has huge implications for medicine

Apple’s plan to put health records on your phone has huge implications for medicine

6

The totaly amazing street art collection of 2016

5

Everything you ever need to know about flowers

4

Why you need an amazing photography collection

3
Here’s how you can de-link your Facebook profile from Instagram

Here’s how you can de-link your Facebook profile from Instagram

February 25, 2022
WhatsApp may soon make it easier to organise groups with new ‘Community Home’ feature

WhatsApp may soon make it easier to organise groups with new ‘Community Home’ feature

February 25, 2022
OnePlus Nord CE 2 Lite 5G tipped to soon launch in India with Snapdragon 695 chip, 64MP triple cameras

OnePlus Nord CE 2 Lite 5G tipped to soon launch in India with Snapdragon 695 chip, 64MP triple cameras

February 25, 2022
Amazon, Flipkart, Uber, Others Could Be Persuaded to Go Electric Faster, Maharashtra Hopes

Amazon, Flipkart, Uber, Others Could Be Persuaded to Go Electric Faster, Maharashtra Hopes

February 24, 2022
NewsDigitize

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc.

Read more

Technological Advances

Lorem Ipsum has been the industry’s standard dummy text ever since the 1500s, when an unknown printer took a galley of type and scrambled it to make a type

Footer Menu

  • HOME
  • NEWS
  • SOCIAL
  • TOPIC
  • INTERNET
  • TELECOM

Recent News

Here’s how you can de-link your Facebook profile from Instagram

Here’s how you can de-link your Facebook profile from Instagram

February 25, 2022
WhatsApp may soon make it easier to organise groups with new ‘Community Home’ feature

WhatsApp may soon make it easier to organise groups with new ‘Community Home’ feature

February 25, 2022

© 2022 All Rights Reserved newsdigitize.co.in.

No Result
View All Result
  • Home
  • News
    • Google
    • Apple
    • Facebook
    • Microsoft
      • Windows
    • WhatsApp
    • Yahoo
    • Flipkart
    • Intel
    • Nvidia
    • Alibaba
    • NASA
    • IBM
    • BlackBerry
    • Linux
    • Airtel
    • Amazon
  • Social
    • Social Media
    • Twitter
    • Facebook
  • Topic
    • Technology
    • Technology company
    • Android
    • Android App
    • App
    • Smart Phones
    • Router
    • WiFi
    • Electronics
    • Space
    • Virtualization
    • Gadget
    • SEO
    • Hacking
    • Robot
    • Transportation
    • Drones
  • Internet
  • Telecom

© 2022 All Rights Reserved newsdigitize.co.in.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In