It is high time those Cryptocurrency enthusiasts that depend on Ledger hardware wallets for the storage of their coins woke up to the reality that times are fast changing with fraudsters pulling into the scene in large numbers. There is thus great need for them to exercise a high sense of caution according to advice from trusted experts.
The sending of money from one point to the other is not a matter that anyone should taker for granted because of the escalating level of risk. The sticky-fingered hackers are on the loose and their aim is to re-route your digital cheddar away from your intended recipient and instead channel it to their own wallets.
Top experts in the Crptocurrency industry have in several instances taken to Twitter Inc (NYSE:TWTR) urging the large number of users to exercise great caution. They have been rather assertive on the great need for the different users to ensure that they do verify their receiving address.
Vulnerability reports have been on the rise and it was days ago when Ledger admitted that quiet a significant number of its hardware wallets suffered from the sort of flaw that made it quite easy for attackers to infect it with malware. The malware by these hackers is such that it tricks the user to send his/her cryptocurrency to them.
An expert following closely on the latest developments opined, “Ledger wallets generate the displayed receive address using JavaScript code running on the host machine. This implies that a malware can simply replace the code responsible for generating the receive address with its own address, causing all future deposits to be sent to the attacker.”
He went further to state that matters were going to the extreme. The overall design of Ledger is such that it advocates for the generation of new addresses in a consistent manner. That implies that the various users end up lacking the viable options with which they can be able to successfully verify the integrity of the receive address.
It is quite unfortunate that there is a loophole of duping users into believing that a given displayed receiving address is authentic whereas in the real sense it isn’t.