TechNewsWorld - http://www.technewsworld.com/story/85219.html?rss=1
A virtual currency hardware wallet with millions of users has been compromised. Saleem Rashid explained how he cracked the firmware on the wallet produced by Ledger using what’s known as a “supply chain” attack. That means a targeted device is compromised before any users get their hands on it. The attack on Ledger’s $100 Nano S wallet creates a backdoor on the device that generates predetermined wallet addresses and passwords. With that information, a bandit might be able to send money from the wallet to his own account.