Kraken Security Labs, the cybersecurity division of US-based cryptocurrency exchange Kraken, has identified new potential attacks against popular hardware wallet Ledger. These attacks can affect Ledger Nano X wallets if they execute prior to the user receiving the wallet, if a wallet was intercepted during shipment or obtained from a malicious reseller, Kraken noted. This leaves the attackers theoretically capable of controlling computers connected to Ledger wallets and running malware on them. Thankfully it stayed theoretical — the issue was repaired. Had the matter gone unaddressed, then we’d start hearing about “Bad Ledger attacks” and “Blind Ledger attacks.” The first …
Keycard is a new credit-card sized hardware wallet featuring near-field communication (NFC) to authorize cryptocurrency transactions. At launch, it features integration with combined private messenger/wallet/DeFi browser, Status App, although further integrations are planned. The Keycard team has also released an open application programming interface (API) and software development kits (SDK) for Android, iOS and Go, so that developers can build Keycard functionality into any app requiring authorization or other user authentication. Secure storage and communication of private keys Security is key. In fact, when it comes to cryptocurrency security, it is literally all down to the private key used to …
Digital asset security firm Ngrave announced the launch of a recoverable, encrypted private key backup engraved on a steel plate for cryptocurrency hardware wallets. According to the announcement on June 10, Ngrave Graphene is now available to the public after raising more than $159,000 from a crowdfunding campaign on Indiegogo. Ngrave Graphene has a “cryptographic puzzle” design focused on resisting electric shock, rain, fire, heat up to 1,660 degrees Celsius (3,020º F). The puzzle consists of two plates that contain the owner’s secret key with values on the plate arranged differently for each customer. Both plates are required to recover …
Ledger, a producer of cryptocurrency hardware wallets, announced today that its users can now connect their devices to the DeversiFi decentralized exchange, or DEX. Hardware wallets + DeFi As a result of this integration, Ledger has become one of the first hardware wallet makers to step into the space of decentralized finance, or DeFi. Its users now have the ability to trade cryptocurrencies, confirm transactions, and sign messages directly from their devices — all while retaining the control over their private keys. Although DEXs are generally considered more reliable than their custodial counterparts, that greater security tends to come at …
The hacker that breached the Ethereum.org forum is allegedly selling the databases for the three most-popular crypto hard wallets — Ledger, Trezor, and KeepKey. The three databases contain the name, address, phone number, and email for more than 80,000 users combined, however, they do not contain passwords for the accounts. The hacker has also recently listed the SQL database for online investment platform, BnkToTheFuture. Ledger and Trezor databases reportedly compromised On May 24, cyber crime monitoring website, Under the Breach, spotted the hacker’s new listings for the databases of the top hardware wallet providers. The hacker claims to be in …
Digital asset security firm Ngrave has released more details of its fully offline hardware wallet, the Zero. As previously reported, the Zero claims to be the first hardware wallet to receive EAL7 certification — one of the highest security gradings in the world. The Evaluation Assessment Level is graded from EAL1 to EAL7, with the latter representing the fullest battery of testing possible, including design documentation and analysis, functional, and penetration testing. In the belly of the beast To achieve such certification, Zero integrates the ProvenCore Trusted Execution Environment (TEE) from Prove & Run. Prove & Run co-owner Christophe Pagezy …
Digital asset security firm Ngrave announced sales for its flagship product, the fully offline hardware wallet Ngrave Zero, will launch next month. The devices will be made available for purchase on Indiegogo from May 26 and are slated for shipping in October. Ngrave claims the first EAL7-certified crypto wallet Ngrave’s co-founder and chief executive Ruben Merre told Cointelegraph that its product introduces “a number of innovations compared to existing solutions,” stating: “The Ngrave Zero is 100% offline, and features extreme tamper-proofing. It’s the only blockchain wallet with EAL7 security certification, which is the highest security certification in the world.” The …
Leading hardware wallet producer Ledger announced that its official wallet software now supports Tron (TRX). According to an announcement, Ledger Live — the official wallet software for Ledger’s hardware wallets — now allows its users to manage their Tron addresses. Furthermore, Ledger hardware wallet owners can also stake their TRX directly from the software. The announcement reads: “You can now manage your Tron (TRX) into Ledger Live and stake them, which means getting rewards without doing anything!” Ledger also announced that — to celebrate the added Tron support — the firm is holding a contest. Among the users who participate, …
Leading hardware wallet producer, Ledger, now allows online customers to pay using Crypto.com’s wallet app. According to an April 9 announcement, the firm has chosen to accept payment in Bitcoin (BTC), Ether (ETH), XRP, Litecoin (LTC), and Crypto.com Coin (CRO) via Crypto.com’s application. This is not the first time that Ledger has allowed its customers to pay with crypto. They already accept Bitcoin, Bitcoin Cash, Ethereum and XRP via their crypto payment processor, Bitpay. An update on an old collaboration Back in December 2018, the two firms signed a memorandum of understanding, which was mean to allow Ledger’s customers to …
Fake Google Chrome extensions for crypto hardware wallet manufacturer and custody provider, Ledger, continue to claim victims. On March 28, a post was published to Reddit by a user seeking to warn others that they had just lost 14,908 Ripple (XRP) (roughly $2,577) to a fake Ledger Wallet extension on the Google Chrome store. According to the poster, ‘leannekera’, the lost funds comprised a nest egg that she and her husband had been growing since 2017. The wallet that her XRP was sent to quickly forwarded her funds to a second wallet that currently holds nearly 15 million in XRP. …
Major cryptocurrency hardware wallet supplier Ledger has warned its users about another phishing attack trying to steal their crypto — this one using a Google Chrome extension. In a March 5 tweet, the French crypto company specified that there is a fake extension on Google Chrome browser that attempts to steal users’ crypto by asking them to enter their 24-word recovery phrase to access their wallet. Ledger Live gets removed from the Chrome Web Store The phishing attack was reported by Catalin Cimpanu, a cybersecurity reporter at business technology news website ZDNet on March 4. According to Cimpanu, the malicious …
When Peter Schiff claimed that his wallet lost his Bitcoin (BTC), many in the crypto community were skeptical. While some believe that Schiff simply lost his password, others, like Ethereum co-founder Vitalik Buterin, highlighted that losing private keys remains an important issue for cryptocurrency users. Being your own bank is hard Keeping custody of your own cryptocurrency is quite complex, especially for non-tech savvy users. Most wallets require the user to write down the private key before accessing the wallet. Storing the key can be done by simply writing it down on a piece of paper, a method that is …