Ledger Nano S devices enable our customers to use a PIN code to verify their identity as they start the device.
But do you know that there is a vulnerability at older version of Ledger Wallet firmware ?
Previously, Ledger Nano S pin as default began at number 5.
This created a theoretical vulnerability
– if using a Ledger Nano S in a public place, an attacker could theoretically count the number of buttons pushed by the customer as they entered each digit of their pin code.
In our latest 1.4.2 firmware update, the default digit shown as the device starts is randomised. This small gesture effectively fix the loophole.
Tiance Research Sdn Bhd