Lookonchain, a blockchain analysis platform, reports that the hacker responsible for the attack on Ledger’s connector library has taken off with at least $484,000.
Lookonchain, a blockchain analysis platform, reports that the hacker responsible for the attack on Ledger’s connector library took assets valued at almost $484,000. Although Ledger has not yet verified the numbers, the company believes that the impact of the security breach may be in the hundreds of thousands.
On December 14, users of X (Twitter) reported the incident, stating that malicious code was able to be injected into multiple decentralized applications (DApps) due to a compromised popular Web3 connector.
The incident has impacted protocols such as Zapper, SushiSwap, Phantom, Balancer, and Revoke. Cash, but the damage could be much greater. According to some X users, the vulnerability may exist in other programs similar to LedgerHQ/connect-kit.
The hack, according to MetaMask, affects its users as well. The wallet provider released a patch for its platform, stating that users running the most recent version, v2.121.0, should be able to “transact again and will be automatically updated.” Please refresh your site data if you are not using this version.”
Ledger stated that at 1:35 PM UTC, the malicious version of the file had been replaced with the legitimate version, almost three hours after the incident. The business advises users “to always Clear Sign” transactions and states that the addresses and data shown on the Ledger screen are the only authentic sources of information.
“Stop that transaction right away if there is a discrepancy between the screen displayed on your Ledger device and the screen on your computer or phone.”
Since then, the library has been disabled by a number of protocols. Paolo Ardoino claims that Tether, the stablecoin issuer, also froze the exploiter address.
The Ledger attack serves as a stark reminder of the vulnerabilities inherent in the cryptocurrency space. While technology is evolving to provide secure solutions, user vigilance and awareness remain crucial to protecting digital assets. By staying informed, practicing caution, and implementing proper security measures, users can mitigate risks and navigate the ever-changing landscape of cryptocurrency.