ZachXBT calls hardware wallets “garbage,” and Ledger says they’re the worst



Onchain investigator ZachXBT criticized hardware wallets, arguing that users should not rely on them to sign important transactions or store large amounts of cryptocurrencies.

summary

  • ZachXBT says current hardware wallets are not suitable for significant transactions, calling Ledger the worst.
  • He argues that a dedicated iPhone used solely for cryptocurrencies could provide a better operational setup.
  • Recent wallet scams show that attackers continue to target cryptocurrency holders through fake apps and social engineering tactics.

In a Share TelegramZachXBT described hardware wallets as “complete garbage” and said he does not recommend using them for important tasks. Instead, he suggested using a separate iPhone dedicated entirely to managing crypto assets.

ZachXBT customizes Ledger via frequent updates

ZachXBT directed his strongest criticism at Ledger, one of the largest manufacturers of hardware wallets. He called Ledger “the worst” and claimed that frequent updates to Ledger Live can interfere with basic functionality.

He said Ledger Live receives “regular UI/app updates for no good reason that disrupt simple actions.” Comments represent ZachXBT’s personal evaluation. It did not provide evidence that Ledger devices had suffered a new security breach or that their private key protection had been compromised.

Ledger has since renamed Ledger Live to Ledger Wallet. According to the company Official release notesLedger Wallet version 4.8.0 was released on June 11 with security improvements, interface changes, and minor bug fixes.

The company continues to promote hardware-based signing as a way to keep private keys separate from Internet-connected devices. ZachXBT’s proposal takes a different approach by using a smartphone dedicated solely to cryptocurrency transactions.

Hardware wallet users remain targets of cryptocurrency scams

These criticisms come as attackers continue to target hardware wallet owners through social engineering and fake applications. These attacks do not necessarily involve breaking the security of the actual wallet itself.

Ditto I mentioned By crypto.news One cryptocurrency holder lost more than $282 million worth of Bitcoin and Litecoin in January following a hardware wallet social engineering scam. ZachXBT reported that the attackers quickly moved the stolen funds across several services and transferred a portion of it to Monero.

The incident demonstrated how attackers can target users without directly compromising the technical security of a hardware wallet. Instead, social engineering attempts to convince victims to disclose sensitive information or take actions that give criminals control of their assets.

Ledger users have also encountered attacks involving software impersonating official company products. Such situations can create security risks even when the physical device continues to function as designed.

Fake Ledger app stole $9.5 million from users

In April a Fake Ledger Live app A person listed on Apple’s App Store stole at least $9.5 million from more than 50 victims in one week, crypto.news reported. The fraudulent app copied the Ledger brand and appeared to users searching for the company’s wallet software.

Victims reportedly entered their recovery phrases into the fake app, allowing the attackers to take control of their wallets. The stolen assets included Bitcoin, Ethereum, Solana, Tron, and Ripple. Apple later removed the fraudulent app from its store.

ZachXBT’s recommendation for a dedicated iPhone would reduce some of the exposure associated with using a device for daily browsing, messaging, and other online activities. However, a smartphone still depends on its operating system, installed software, backup practices, and the user’s security habits.

The debate goes back to the different approaches to self-holding cryptocurrencies. Hardware wallets focus on keeping private keys isolated from general-purpose Internet-connected devices. Instead, ZachXBT prefers strict hardware separation with a phone used only for cryptocurrencies. Either way, users can still face the risks of phishing, fake apps, exposed recovery phrases, and social engineering.





Source link

Leave a Reply

Your email address will not be published. Required fields are marked *