The makers of the popular Ledger hardware wallet warn of an exploit that could imperil users’ funds. Ledger tweeted that users of its wallet should always select the “monitor” button when sending funds. This is because a “man in the middle” exploit has been discovered which would allow malware to change the “send to” address without the user’s knowledge. Use of the monitor button will show the destination address on the hardware device itself in a way that cannot be forged.
Understanding Deterministic Wallets: A History of HD Wallets and Their Main Peculiarities