Crypto News

Your ledger is unsafe

February 19, 2019
Written By


    IntroductionWith the growing popularity of cryptocurrencies comes an expanding number of options to access blockchain networks. Users are now spoiled for choice when it comes to selecting wallets for their cryptocurrency use. On one hand, a greater number of wallets means that it’s more likely for users to find wallets that meet their requirements for cost, mobility, and user friendliness. The drawbacks are that all cryptocurrency wallets aren’t made equally when it comes to security. Some wallets are better than others, so it’s imperative that users do their research when selecting a wallet. It’s also important to consider ways to increase the security of the wallet you already have. Unexpected VulnerabilitiesUsers of cryptocurrency hardware wallet Ledger received an unwelcome surprise last March when independent security researcher Saleem Rashid successfully demonstrated a new attack vector that allows hackers to break into the Ledger Nano S to steal coins. The flaw was particularly alarming because it allowed hackers to access coins either remotely or physically. Ledger’s custom architecture contained a vulnerability that could be exploited and compromise the device before the user receives it. Ledger, already dealing with a flaw exposed a few weeks earlier that left devices susceptible to man-in-the-middle attacks, quickly released a patch to mitigate the vulnerability. Ledger’s chief security officer Charles Guillemet also reassured users that the weakness was not as dire as it appeared to be, pointing out that Rashid’s proof of concept meant a scammer reseller would have to access to the device physically before it is set up by the user to load a malicious firmware on the microcontroller. Guillemet said that Ledger sold the vast majority of its devices itself, and only worked with a select group of trusted resellers. Still, Guillemet didn’t deny that the vulnerability existed.

    Luckily for any Ledger users — and anyone else using wallets — there are simple steps anyone can take to minimize the risk of a breach or hack. Below are some best practices to follow that will ensure your wallet and crypto transactions are as secure as they can possibly be. With these transaction you can calculate Crypto Taxes and Accounting by using any Crypto tax service.Treat it like a real walletThis is one of the easiest steps users can take to reduce risk and keep their cryptocurrency secure. Simply being mindful of the way you use a wallet is one way to minimize the potential for security problems. Treat your wallet like a wallet with cash: only keep small amounts of bitcoins in your wallet at any given time, and keep the rest in a safe environment, like “cold storage” — creating a wallet on a device that’s not connected to the internet like an old laptop or USB and using that to store your cryptocurrency. A hardware wallet (like Ledger) is actually one of the easiest ways to quickly gain the high level of security cold storage offers — though it’s important to note that, like Ledger, these wallets are not without any vulnerability. Be cautious with passwordsAgain, this might sound like common sense, but another easy step to keep your cryptocurrency safe is to be extremely cautious about where and how your passwords are stored. It might seem inconvenient, but storing your passwords offline and installing your wallets on a device you don’t not use for day-to-day browsing and downloading is a good way to cut down on the risk factor. Don’t ever store your passwords in an unencrypted file on the same machine as your wallets: that’s a security breach waiting to happen. Keep your software updatedAlways be sure you are using the latest version of software for your wallet. The newest updates will have security fixes and any necessary patches to keep your wallet safe and functioning at its best. And don’t forget to keep your phone and computer updated too! Having the latest system updates is a great way to keep your environment safe and one more layer of protection for your crypto wallet. Be careful with your emailYou may not think of your email as being part of your cryptocurrency ecosystem, but you should! That means you should take whatever precautions you can to keep your email locked up tightly. Make sure you have robust passwords that are difficult to guess and change them often. Consider using a password manager. And be sure to use two factor authentication whenever possible, and even think about using a different phone number than your mobile phone — your mobile number can be ported to another device.

    Stay vigilant Social engineering might be the greatest threat of all. Always be wary of divulging personal information even as innocuous as your email -- you never know who could be a hacker trying to find information they can use to pretend to be you. Be cautious of phishing scams as well; always check you are on the correct site before inputting password information and make sure you see https on any site you where you might send sensitive data. Use Zenledger to calculate your Bitcoin taxes.

    Get Started Now

    Join the ZenLedger mailing list.

    Simplifying DeFi and Cryptocurrency Taxes for Investors and Tax Professionals

    Copyright © 2021 ZenLedger
    10400 NE 4th St, Floor #5,
    Bellevue, WA 98004, USA