A recent report confirmed that the Ledger app failed to fix a serious vulnerability that could lead to a Bitcoin Fork attack.
Mo Nohbe argued that the Ledger wallet failed to isolate the apps responsible for approving various asset transactions. This creates a vulnerability where the user’s wallet may be tricked into allowing a transaction with a less valuable asset such as Litecoin (LTC), Bitcoin Cash (BCH) or another fork of Bitcoin when in fact it is a Bitcoin (BTC) transaction. . … The elite told the Cointelegraph:
“This application must be isolated so that it only points to the test network’s lead path. However, sending a regular bitcoin transaction to the main network will go through. In addition, TX will be presented as if it were testnet bitcoin, to the testnet bitcoin address. ”
According to the elite, he informed Ledger about this vulnerability, and despite the acknowledgment, the company was unable to fix it. Instead, they decided to release an update to their current app that will alert users if such exploitation is found.