Crypto Wallet Startup Ledger Detects Phishing Malware Targeting Desktop App

Published at: April 26, 2019

Hardware cryptocurrency wallet manufacturer Ledger has detected malware targeting its desktop application, according to a tweet on April 25.

Ledger warned its users that the malware locally replaces the Ledger Live desktop app with a malicious one, and advised them to follow the security practices published on its blog. The company’s Twitter announcement specifically reads:

“WARNING: we’ve detected a malware that locally replaces the Ledger Live desktop application by a malicious one. Users of infected computers are asked to enter their 24-word recovery phrase after a fake update.”

In the comments to the post, Ledger revealed that the malware is infecting only Windows machines, although the company has reportedly detected only one affected device. Ledger further noted that the malware cannot compromise users’ computers or digital currency; it is only a phishing attack that tries to lure users into entering their 24-word recovery phrases.

Ledger also pointed out that the malicious software does not originate from its website or servers; however, the company did not discover the infection method at the time.

Last December, the research team behind the hacking project dubbed “Wallet.fail” claimed that they were able to install any firmware on a Ledger Nano S. While the team used this vulnerability to play the game Snake on the device, one member of the team that found the exploit claimed:

“We can send malicious transactions to the ST31 [the secure chip] and even confirm it ourselves [via software,] or we can even go and show a different transaction [not the one that is actually being sent] on the screen.”

The team also demonstrated a vulnerability they had found in the Ledger Blue, the most expensive hardware wallet produced by the company, which comes with a color touchscreen. The signals are transported to the screen by an unusually long trace on the motherboard, the researcher explained, which is why it leaks those signals as radio waves.

When a USB cable is attached to the device, the aforementioned leaked signals purportedly get strong enough that they could be easily received from a distance of several meters.

Following the claim, Ledger said that the uncovered vulnerabilities in its hardware wallets are not critical. The reason it gave is that “they did not succeed to extract any seed nor PIN on a stolen device” and “sensitive assets stored on the Secure Element remain secure.”
