Researchers published a proof of concept attack in which a malware modifies the Ledger Chrome application in order to edit the received address displayed on the computer screen.
What does this mean? Simply said, you’ll be sending your crypto to some happy camper that hacked your wallet and stole your coins.
Ledger has announced that they are fighting back against hackers and have provided a software update to help resolve this risk of consumers sending there crypto to the wrong person.
“Software update: we released an update to the Ledger Wallet Bitcoin Chrome application that will request users to verify destination addresses on their Ledger hardware device – not just on the screen of their computer. Bitcoin & altcoins are getting the new feature (ETH and XRP apps will benefit from the feature in the new global release)”
Ledger has also made the following statement below:
“Upgraded Bug Bounty program: we are growing quickly – and we are still developing and strengthening some of our behind the scenes processes. We value contributions from security researchers and the community, and will be making our Bug Bounty programs faster and more efficient. We already a dedicated mail address set up: firstname.lastname@example.org “
“Education: security is an arms race – but we’re in it for the long haul. We plan to continue working on resources and materials to help educate our community on the threats they face and how they can best secure their assets. We invite you to read our basic security principles ruleset.”