The Ledger wallet is certainly one of the most popular among cryptocurrency holders. A well-established French company, it is even one of the flagships of the crypto-industry in France. However, for some time now, the company has continued to have a series of scandals, successively leading to a loss of confidence in its products.
Yesterday, a security flaw was revealed (and fixed within the day), indicating (once again) that Ledger wallets could be risky.
A vulnerability quickly corrected
On December 14, more than $500 in cryptocurrencies were siphoned from some wallets due to a security flaw in the Ledger Live service which allows interaction with decentralized applications (dApps).
This vulnerability caused real panic in the crypto community because it was not only Ledger wallet holders who were the target of Phishing attack but everyone who had interacted with the library of dApps configured by Ledger. Indeed, a line of “minimalDrainValue” code made it possible to open a malicious window in order to drain funds from users who connected to an application.
Fortunately, Ledger quickly corrected the problem and permanently removed the malicious version of the software. The vulnerability having been perceived and corrected quickly made it possible to greatly limit the damage suffered.
The company also reminded that it is crucial to always verify the accuracy between the addresses displayed on the Ledger screen and on the Ledger software before confirming a transaction.
Likewise, for added security, it is recommended to clear your browser cache and clear site data. The new version of Ledger Connect Kit 1.1.8 i has been updated.
Recurring problems?
In fact, this isn't the first time Ledger has faced security issues. In 2020, we remember the dramatic cyberattack which revealed more than a million personal information of Ledger wallet holders on RaidForum. The information included postal addresses, names and telephone numbers of customers. That same year, a fraudulent email posing as Ledger customer support used a basic phishing technique to steal customer data.
More recently, in 2023, a marketing campaign to promote the Ledger wallet suggested customers wear their wallet around their neck, like a necklace.
This advertising campaign was strongly criticized on social networks because of the risks it involves for users. Remember here that it is strongly recommended not to display or show off your Ledger portfolio in a public place.
Finally in May 2023, the company Ledger was again under fire linked to the launch of its new service allowing the “custody” of the private keys of its users. The option " Ledger Recover” was certainly the act most denounced by the most rigorous community in terms of privacy.
What are the alternatives to Ledger?
Some Ledger holders have turned away from products made by Ledger. It turns out that there are several alternatives to replace or equip yourself with a secure wallet.
It is strongly recommended to opt for a open source wallet because the risks of vulnerabilities being submitted to several collaborators are more likely to be perceived and corrected quickly. Likewise, the idea of using open source software is ideally suited to the philosophy of Bitcoin.
In terms of choice, you can choose a wallet Trezor Safe 3 at only €79 or a ColdCard if you have a more advanced profile.
See also:
Note: There is no financial advice in this or any other article on this site. This is information of which you are the sole judge and master. Be responsible with your investments and only invest as much as you are willing to lose.
To support us, use our referral links:
Buy cryptocurrencies (the easy way):
Generate interest on your cryptocurrencies:
- Public chat Youhodler (Earn up to 12% interest)
Secure your cryptocurrencies:
- On the wallet safepal
To have fun and play
- The best for Esport and bitcoin sports betting
- Discover the bitcoin casinos