Crypto Wallet Startup Ledger Detects Phishing Malware Targeting Desktop App

-
 
By
Hardware cryptocurrency wallet manufacturer Ledger has detected malware targeting its desktop application, according to a tweet on April 25.

Ledger warned its users that the malware locally replaces the Ledger Live desktop app with a malicious one, and advised to follow security practices published on its blog. The company’s Twitter announcement specifically reads:
“WARNING: we’ve detected a malware that locally replaces the Ledger Live desktop application by a malicious one. Users of infected computers are asked to enter their 24-word recovery phrase after a fake update.”
In the comments to the post, Ledger revealed that the malware is infecting only Windows machines, although the company has reportedly detected only one affected device. Ledger further noted that the malware cannot compromise users’ computers or digital currency, but only represents a phishing attack in a bid to lure users to enter their 24-words recovery phrases.

Ledger also pointed out that the malicious software does not originate from its website or servers, however the company did not discover the infection method at the time.

Last December, the research team behind the dubbed “Wallet.fail” hacking project claimed that they were reportedly able to install any firmware on a Ledger Nano S. While the team used this vulnerability to play the game Snake on the device, one member of the team that found the exploit claimed:
“We can send malicious transactions to the ST31 [the secure chip] and even confirm it ourselves [via software,] or we can even go and show a different transaction [not the one that is actually being sent] on the screen.”
The team also demonstrated that they found a vulnerability in the Ledger Blue, the most expensive hardware wallet produced by the company, that comes with a color touchscreen. The signals are transported to the screen by an unusually long trace on the motherboard, the researcher explained, which is why it leaks those signals as radio waves.

When a USB cable is attached to the device, the aforementioned leaked signals purportedly get strong enough that they could be easily received from a distance of several meters.

Following the claim, Ledger claimed that the uncovered vulnerabilities in its hardware wallets are not critical. The reason Ledger said that the vulnerability was not critical is that “they did not succeed to extract any seed nor PIN on a stolen device” and “sensitive assets stored on the Secure Element remain secure.”
 https://cointelegraph.com/news/crypto-wallet-startup-ledger-detects-phishing-malware-targeting-desktop-app

Comentarios

Publicar un comentario

Entradas populares de este blog

A Race for Blockchain: IBM, Microsoft, Lenovo explore DLT

-
Imagen
Blockchain, cryptocurrency, and other innovative techs have significant disruptive potential. Within the course of time, this fact becomes obvious not only for community enthusiasts but also for traditional industry players. That is probably the major reason for world electronic bulls to explore the innovative possibilities to boost their own progress. Microsoft showed interest in blockchain technology back in 2018. They announced their plans to apply the technology behind Bitcoin (the leading crypto by market cap) in its decentralised IDs (DIDs) App. The company was support DLT-based DIDs through Microsoft Authenticator App. However, as of now, the project seems to be frozen.    Unstoppable IBM    IBM, another technological giant, has has shown interest in exploring blockchain and cryptocurrency techs even earlier, in 2015. As of now, the company is known to take part in several related projects.   In January 2019, Ford Motor comp...
Leer más

Cryptocurrency Universe Expands Far Beyond Bitcoin

-
Imagen
The code base is increasing and improving every day as computer science graduates from top schools jump on board. By Aaron Brown A sort of “cryptobrawl” broke out last month at the Milken Institute Global Conference between economist Nouriel Roubini and panel participants more optimistic about the future of cryptocurrency technologies. I had the opportunity to participate in a partial rematch at Battle of the Quants, where Roubini was just as negative and DMS Governance's John D’Agostino presented a moderate defense. All of the heat concerns the border of crypto and traditional finance, but much of the important stuff is happening far from the border. For example, one of Roubini's claims is that advances in financial technology by existing financial institutions and startups are delivering on many of the promises of crypto-enthusiasts, and these will continue to transform financial markets. That’s true. However, many of those advances were spurred by the threat of ...
Leer más

Small-business owners more optimistic at the start of 2020, the NFIB says

-
Imagen
The numbers: Small businesses turned more optimistic about sales and profits in the first month of 2020, but they are still struggling to find qualified workers, according to a closely followed survey. The National Federation of Independent Business said its index of small-business optimism rebounded from a small dip in at the end of last year, rising to 104.3 points in January from 102.7 in December. Business owners were more confident that sales would continue to rise and help support higher profits, the NFIB said. What happened: The net percent of owners who expect higher inflation-adjusted sales in the months ahead rose by 7 points to 23%. By and large, business owners were nonplussed by the impeachment trial of President Donald Trump. A gauge that measures uncertainty was basically unchanged. The biggest worry of small businesses continues to be a shortage of skilled employees available for hire. A quarter of owners say it’s their No. 1 problem — more than taxes or re...
Leer más