A tweet on Saturday 3rd February revealed that Ledger, maker of a popular hardware wallet for cryptocurrencies, has acknowledged a vulnerability that could lead to Ledger users losing their funds.

Hardware wallets are considered by many investors in the space to be the safest place to store bitcoin and other cryptocurrencies. The Ledger wallet is considered one of the top hardware wallets available: it sold over a million devices in 2017 alone and in January 2018 reported that it had raised an impressive Series B round of $75 million.

Not only does a Ledger device store your private keys in an offline environment, it requires you to physically press buttons on the device to confirm payments (so malware on your computer cannot automate them), and it has a PIN code that prevents use of the device by unauthorised users. Ledger’s entire business model is based on the premise that the device will keep your cryptocurrencies safe.

The flaw described in this report is not a flaw in the Ledger device itself, and it does not allow funds already stored on the device to be taken without your permission. So if your cryptos are already in your Ledger, you don’t need to panic.

The threat only exists when you want to receive funds into your Ledger. The malware does not infiltrate the Ledger device itself; it sits in the supporting Ledger application on your computer, the application you use to interact with the funds on your device.

A man-in-the-middle (MITM) attack is one where the attacker secretly relays and possibly alters the communication between two parties who believe they are communicating directly with each other. In Ledger’s case, malware modifies the Ledger JavaScript wallet application on your computer. When you request a receive address from your Ledger, this “man in the middle” shows you a different address: one controlled by the malware’s author. So when you send your thousands of ether (one can dream) to what you believe is your Ledger address, you could actually be sending it to someone else.

Although the original report was sent to Ledger on 4th January, it took four weeks for the CTO to acknowledge it and a further week before a statement informing Ledger users was made on Twitter, leaving users unaware and potentially at risk for nearly a month.

Ledger’s proposed mitigation is that users should always verify the receive address on the device’s own screen, by clicking the “monitor” button that appears when receiving a payment; the device screen is the one display that malware on your computer cannot alter. However, this is not explicitly advised in the Ledger documentation. So if you don’t follow Ledger on Twitter, or had not read an article about this issue until now, you have been at risk of losing coins in any transfer to your Ledger device.

As the report points out, “A proper solution would be to [force] the user to validate the receive address before every receive transaction, just like the wallet [forces] the user to approve every send transaction”.

Ledger has indicated that one of the next steps it is taking is to “update the user experience on the current version of the Ledger Wallet Bitcoin Chrome application so that the user is required to verify the address on the device’s screen (ETH and XRP apps will benefit from the feature in the new global release)”. The update is scheduled for this week, so if you have a Ledger, make sure you keep your device and Chrome applications updated.

Although it is still much safer to have your funds stored offline than on an exchange, until Ledger has released the fix for this issue, always verify your receive address on the device’s screen. And spread the word to anyone you know who uses a Ledger: if they haven’t kept up with Twitter or the news and don’t know to double-check their receive address, they are at risk.