I just saw the tweet from the account of @LedgerHQ, the official account of the French company Ledger, where they announced the threat of the possibility that a hacker can make a "man in the middle" style attack when the wallets are used.
Credit
For what they clarify in the publication they share in that tweet It is possible to avoid this threat by simply checking the addresses to which you are going to send any cryptocurrency and also to which address someone is going to send you cryptocurrencies. It can happen in both directions because the attack would work in the following way, the hacker installs a malware and this modifies the Ledger Chrome application to edit the received address that is displayed on the computer screen. Because of this it would be impossible to trust what is shown on the computer screen. but ... luckily there is always a but. The Ledger application ...
also has a dedicated icon (third one from the left hand side, see image below) allowing the user to display the receiving address on their Ledger device. When the user clicks on this icon, the correct address is generated by the wallet and displayed on the Ledger hardware wallet’s screen.
This is the only information you can trust.
Credit
The company is going to release an update to further secure the wallet, now that they know about this attack. The application will ask users to verify the destination addresses on their Ledger hardware device, not just on their computer screen.
Credit
Credit
So You know! Be very careful even using those wallets considered very safe.
Estas cosas son las que pueden joder todo este mundillo... Siempre va a haber "listos" que utilicen su inteligencia para el mal y encuentren recovecos para dar por saco. Ni un dispositivo físico de Cold Wallet es ya seguro?!?!
Sí, por desgracia siempre hay listos ... por suerte hasta ahora no ha pasado y ya hay soluciones para este mal ;)
Ledger tweeted @ 05 Feb 2018 - 21:47 UTC
Disclaimer: I am just a bot trying to be helpful.