Can Ledger Nano S be Hacked when is connected to PC with internet? - page 2.

s4mp1nt0

full member

Activity: 294

Merit: 100

Quote from: SnapStefan on March 04, 2018, 11:29:40 AM

Dear bitcoin community,

First of all, I want to thank you very much for your effort in helping the new crypto investors to better understand this great phenomenon.

I also bring into discussion the security of Ledger Nano S because I deposit all my crypto coins on my Ledger Nano S that I bought from the official website.

So, can Ledger Nano S be hacked when is connected to PC with internet?

I guess it's pretty safe and should not be hacked so easy.

I must also mention that I keep my 24 words passphrase in a text document on a stick that is almost always connected to my personal computer which is also in turn connected to the internet.

Can this be a risk Huh

Thanks to everyone who contributes to this thread in helping me better understand the maximum safety limit of Ledger Nano S.

Ledger nano S cannot be hacked because its a hardware wallet. but it can be corrupt if you have a strong virus on your system. better check your antivirus first before storing and connecting anything important.

AlexOnix

member

Activity: 196

Merit: 10

Quote from: Praesidium on March 04, 2018, 11:41:30 AM

Nope, Ledger Nano S is very secured because it is a hard ware wallet, i've been using mine for quite time and i also do connect it while my internet is not but still i dont get hacked or something, so i assume it is okay however becareful of phishing sites.

I agree, mostly because everything happens due to the fact that people fall for phishing sites. If we strengthen due diligence enough use for safety and a simple flash drive.

SnapStefan

newbie

Activity: 56

Merit: 0

Quote from: deevan on March 04, 2018, 12:48:59 PM

No, Nano ledger cannot be hacked nor your private keys are leaked when you are connected to the internet on your PC. Even if your computer is compromised with malware still your nano ledger won't be affected by it because the contents of a secure element "a secure chip" storing seeds/keys cannot be extracted. But recently MITM(man-in-the-middle) attack) vulnerability was discovered where an attacker replaces the coin receiving address of yours with him through a malware altering the code that is responsible for generating the address. To mitigate the attack you always should verify the address showing on your computer screen when you generated the address for receiving coin is same as that is displayed on you hardware wallet display. And as you said you have stored your seeds in USB, I recommend remove it from there and just store in an offline place like anyplace in your home, since you connect your USB to an online computer so a malware can steal it.

Thank you deevan! I will take this very seriously!

deevan

jr. member

Activity: 238

Merit: 7

No, Nano ledger cannot be hacked nor your private keys are leaked when you are connected to the internet on your PC. Even if your computer is compromised with malware still your nano ledger won't be affected by it because the contents of a secure element "a secure chip" storing seeds/keys cannot be extracted. But recently MITM(man-in-the-middle) attack) vulnerability was discovered where an attacker replaces the coin receiving address of yours with him through a malware altering the code that is responsible for generating the address. To mitigate the attack you always should verify the address showing on your computer screen when you generated the address for receiving coin is same as that is displayed on you hardware wallet display. And as you said you have stored your seeds in USB, I recommend remove it from there and just store in an offline place like anyplace in your home, since you connect your USB to an online computer so a malware can steal it.

SnapStefan

newbie

Activity: 56

Merit: 0

Quote from: HALLASTERA on March 04, 2018, 12:07:34 PM

Quote from: SnapStefan on March 04, 2018, 11:29:40 AM

Dear bitcoin community,

First of all, I want to thank you very much for your effort in helping the new crypto investors to better understand this great phenomenon.

I also bring into discussion the security of Ledger Nano S because I deposit all my crypto coins on my Ledger Nano S that I bought from the official website.

So, can Ledger Nano S be hacked when is connected to PC with internet?

I guess it's pretty safe and should not be hacked so easy.

I must also mention that I keep my 24 words passphrase in a text document on a stick that is almost always connected to my personal computer which is also in turn connected to the internet.

Can this be a risk Huh

Thanks to everyone who contributes to this thread in helping me better understand the maximum safety limit of Ledger Nano S.

Of course, first of all you need do not connect to internet. Use internet for hardware wallets only when you want to spend crypto.

That's right! That's exactly what I do.

SnapStefan

newbie

Activity: 56

Merit: 0

Quote from: ?? on ??

Quote from: makishart on March 04, 2018, 12:05:10 PM

Quote from: didzi on March 04, 2018, 11:51:12 AM

if you want to sent assets with ledger nano s, you need to confirm the transactions with the button in ledger nano s
so, this hardware wallet is secure my friend

In fact that ledger nano is not secure as trezor, Trezor has a better security and that's why i was migrating from ledger to the trezor. I have seen so many case about ledger nano being exploited and the amount has been stolen by the hacker. Don't tell me if this hardware wallet (ledger) is secure again. Trezor has some layers on its security. But to connect everything to the internet will be involved a high risk.

Both are secure.
Just check the receiver address and amount before confirming the transaction.
Can't see any advantage of the Trezor in comparison to the Ledger Nano S.
Always connecting your hardware-wallet to a PC with internet access may not be really necessary and should be prevented but it shouldn't cause any problems though.
The real problem was the USB stick containing the recovery phrase but the OP already noticed.

By the way: Also don't store any unencrypted private keys on your computer!

But even if the recovery phrase is on a USB stick, my USB stick is loaded with 15 GB of photoshop files and other code-related stuff because I'm a web designer, and this recovery phrase information is written in a text document that has a name like "newdoc178". So, do you still think the risk is as high? I think it's hard enough for any virus to find hidden information in such a text document.

HALLASTERA

member

Activity: 252

Merit: 12

Quote from: SnapStefan on March 04, 2018, 11:29:40 AM

Dear bitcoin community,

First of all, I want to thank you very much for your effort in helping the new crypto investors to better understand this great phenomenon.

I also bring into discussion the security of Ledger Nano S because I deposit all my crypto coins on my Ledger Nano S that I bought from the official website.

So, can Ledger Nano S be hacked when is connected to PC with internet?

I guess it's pretty safe and should not be hacked so easy.

I must also mention that I keep my 24 words passphrase in a text document on a stick that is almost always connected to my personal computer which is also in turn connected to the internet.

Can this be a risk Huh

Thanks to everyone who contributes to this thread in helping me better understand the maximum safety limit of Ledger Nano S.

Of course, first of all you need do not connect to internet. Use internet for hardware wallets only when you want to spend crypto.

makishart

legendary

Activity: 3108

Merit: 1029

Quote from: didzi on March 04, 2018, 11:51:12 AM

if you want to sent assets with ledger nano s, you need to confirm the transactions with the button in ledger nano s
so, this hardware wallet is secure my friend

In fact that ledger nano is not secure as trezor, Trezor has a better security and that's why i was migrating from ledger to the trezor. I have seen so many case about ledger nano being exploited and the amount has been stolen by the hacker. Don't tell me if this hardware wallet (ledger) is secure again. Trezor has some layers on its security. But to connect everything to the internet will be involved a high risk.

European Central Bank

legendary

Activity: 1288

Merit: 1087

nope. however people are forgetting the nano's one and only job which is to shield your private keys from exposure to the internet. its protection won't extend to anything you see on your computer screen.

anything your computer is showing you could be compromised. you might be the victim of a man in the middle attack when someone inserts a false address to divert the coins away from their original destination through the ledger app. there's been a fake ledger app in the chrome store though i don't know whether it actually works.

always verify the addresses on the ledger nano screen itself.

mobilazy

member

Activity: 308

Merit: 22

Such flaw doesn't exist yet, AFAIK. I only heard of the attack when malware replaces the right address with hacker's one. But easy to counteract by comparing the address where you intended to send with the one on the screen of Ledger. All your private keys are safe inside of Ledger Nano S. But keep ur 24 word (sic!) phrase safe!

gsg07

full member

Activity: 462

Merit: 100

Quote from: Praesidium on March 04, 2018, 11:41:30 AM

Nope, Ledger Nano S is very secured because it is a hard ware wallet, i've been using mine for quite time and i also do connect it while my internet is not but still i dont get hacked or something, so i assume it is okay however becareful of phishing sites.

Im surprised! Looks like Ledger Nano S is a super protected wallet. But what about Trezo? Trezor also has such strong securety?

SnapStefan

newbie

Activity: 56

Merit: 0

Quote from: ?? on ??

Quote from: SnapStefan on March 04, 2018, 11:29:40 AM

Dear bitcoin community,

First of all, I want to thank you very much for your effort in helping the new crypto investors to better understand this great phenomenon.

I also bring into discussion the security of Ledger Nano S because I deposit all my crypto coins on my Ledger Nano S that I bought from the official website.

So, can Ledger Nano S be hacked when is connected to PC with internet?

I guess it's pretty safe and should not be hacked so easy.

I must also mention that I keep my 24 words passphrase in a text document on a stick that is almost always connected to my personal computer which is also in turn connected to the internet.

Can this be a risk Huh

Thanks to everyone who contributes to this thread in helping me better understand the maximum safety limit of Ledger Nano S.

Hi,

Connecting the Ledger shouldn't be any problem (that's the point of using a hardware-wallet).
However storing your 24 word phrase unencrypted on a device with internet-access is not a good idea - this just renders the hardware-wallet useless as this phrase can be used to access your wallet without any password and malware could access your usb drive without any problems.
In general you should only write down your 24 word phrase on the included card and store the card safely (DO NOT LOSE IT!).
If you're storing big equivalents of money you could additionally memorize the phrase (24 words shouldn't be that hard).

In this case, I will write my 24 word phrase on the paper and I will delete this information from the USB stick. Thank you very much for your answer!

duyduc256

sr. member

Activity: 700

Merit: 250

Quote from: Praesidium on March 04, 2018, 11:41:30 AM

Nope, Ledger Nano S is very secured because it is a hard ware wallet, i've been using mine for quite time and i also do connect it while my internet is not but still i dont get hacked or something, so i assume it is okay however becareful of phishing sites.

I agree with you . Ledger Nano S is very safe because I have been using this device for 2 years and have not had any problems. I personally encourage people to use this wallet because there are so many coin to hold for a long time. I always choose altcoin in this purse to invest because the potential of all that altcoin is very high

didzi

sr. member

Activity: 1092

Merit: 250

Hodlers Network

if you want to sent assets with ledger nano s, you need to confirm the transactions with the button in ledger nano s
so, this hardware wallet is secure my friend

lovela

member

Activity: 126

Merit: 10

I don't think sMerit harvesting is a serious crime

I think no, Ledger Nano S cannot be hacked when connected to your computer with internet but it depends when your computer is compromised and the virus is very specific that it only infect hardware wallets but I don't think that's the case.
There is no way the hardware wallets are hackable because the web browser directly access to the hardware wallet that is Ledger Nano S that only be accessed when the private key is asked.
When the browser will access the hardware wallet prove key you will then press the pass codes in order to private key will be released directly to the browser so the prove keys will not be stored on Ram or random access memory.

Praesidium

full member

Activity: 409

Merit: 103

Nope, Ledger Nano S is very secured because it is a hard ware wallet, i've been using mine for quite time and i also do connect it while my internet is not but still i dont get hacked or something, so i assume it is okay however becareful of phishing sites.

SnapStefan

newbie

Activity: 56

Merit: 0

Dear bitcoin community,

First of all, I want to thank you very much for your effort in helping the new crypto investors to better understand this great phenomenon.

I also bring into discussion the security of Ledger Nano S because I deposit all my crypto coins on my Ledger Nano S that I bought from the official website.

So, can Ledger Nano S be hacked when is connected to PC with internet?

I guess it's pretty safe and should not be hacked so easy.

I must also mention that I keep my 24 words passphrase in a text document on a stick that is almost always connected to my personal computer which is also in turn connected to the internet.

Can this be a risk Huh

Thanks to everyone who contributes to this thread in helping me better understand the maximum safety limit of Ledger Nano S.

Topic: Can Ledger Nano S be Hacked when is connected to PC with internet? - page 2. (Read 390 times)