Attack on Ledger crypto wallet leads to huge money thefts

At least $610,000 was stolen from victims’ crypto wallets in just two hours before Ledger was able to act.

  Science/Technology   Dec 15, 2023   0   85  Add to Reading List
Attack on Ledger crypto wallet leads to huge money thefts


Click the link to join the registration on WhatsApp: https://chat.whatsapp.com/KThkuZlWaTcCu3iJHGBmLM


Click the link to join the registration on WhatsApp: https://chat.whatsapp.com/KThkuZlWaTcCu3iJHGBmLM


Click the link to join the registration on WhatsApp: https://chat.whatsapp.com/KThkuZlWaTcCu3iJHGBmLM

Crypto giant Ledger spent December 14 warning users not to interact with web3 decentralized apps amid concerns over a supply chain attack.

The attack on the ‘Ledger dApp Connect Kit' library was found to be pushing a JavaScript wallet drainer, the company found.

Ledger has since confirmed that it was the victim of a phishing attack and that the error has been rectified, leaving users free to continue using Ledger Connect Kit

Crypto attack could have been avoided

Ledger confirmed at 4:49pm CET via a post on X that a former employee had fallen victim to a phishing attack which compromised their NPMJS account. The attacker used the compromised account to publish a malicious version of the Ledger Connect Kit, which used a rogue WalletConnect project to reroute funds to the hacker’s wallet.

Crypto researcher ZachXBT posted to X that over $610,000 had been stolen during the attack.

Ledger said that the malicious file, which affected versions 1.1.5, 1.1.6, and 1.1.7, was live for around five hours, but that the fund draining took place in a shorter period of around two hours. A fix was issued within 40 minutes of Ledger becoming aware, and the company has since confirmed that Ledger Connect Kit 1.1.8 is now fully propagated, and that users can continue as normal.

Ledger has also reported the attacker’s wallet address and frozen their USDT together with Tether.

Ledger CEO Pascal Gauthier has also responded to the incident, stating that the “unfortunate isolated incident” serves as a “reminder that security is not static” and that Ledger, and any other company, should continuously improve their security.

Gauthier added: “Ledger will support affected users in helping to find this bad actor, bring them to justice, track the funds, and work with law enforcement to help recover stolen assets from the hacker.”

More from TechRadar Pro

Read Original   

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow

Keep advertising to get more people

You could reach thousands of more people for every ₦1,000 you spend. https://doacweb.com/advertising

Adverts on doacWeb can be informative, educative or persuasive in nature.

doacWeb Ads is always directed at a broad audience (reaching thousands of people day by day), not few individuals — it deliver your advert to the target audience at the same time. Putting your offer in front of the right people — who have the money and interest in what you sell.

doacWeb Advertising gives you advantage as adverts passes through https://doacweb.com to the internet, reaching millions of people over the internet, and to grow your audience.

Grow your business, Be known, Boost your visibility, Drive engagements, Get new customers and Increase sales.

doacWeb acts as a global advertising media, to let people — individuals — and businesses, to promote and reach more interested people.

Get Started.

WhatsApp: 09031633831

Email: info@doacweb.com
Keep advertising to get more people

You could reach thousands of more people for every ₦1,000 you spend. https://doacweb.com/advertising

Adverts on doacWeb can be informative, educative or persuasive in nature.

doacWeb Ads is always directed at a broad audience (reaching thousands of people day by day), not few individuals — it deliver your advert to the target audience at the same time. Putting your offer in front of the right people — who have the money and interest in what you sell.

doacWeb Advertising gives you advantage as adverts passes through https://doacweb.com to the internet, reaching millions of people over the internet, and to grow your audience.

Grow your business, Be known, Boost your visibility, Drive engagements, Get new customers and Increase sales.

doacWeb acts as a global advertising media, to let people — individuals — and businesses, to promote and reach more interested people.

Get Started.

WhatsApp: 09031633831

Email: info@doacweb.com
Keep advertising to get more people

You could reach thousands of more people for every ₦1,000 you spend. https://doacweb.com/advertising

Adverts on doacWeb can be informative, educative or persuasive in nature.

doacWeb Ads is always directed at a broad audience (reaching thousands of people day by day), not few individuals — it deliver your advert to the target audience at the same time. Putting your offer in front of the right people — who have the money and interest in what you sell.

doacWeb Advertising gives you advantage as adverts passes through https://doacweb.com to the internet, reaching millions of people over the internet, and to grow your audience.

Grow your business, Be known, Boost your visibility, Drive engagements, Get new customers and Increase sales.

doacWeb acts as a global advertising media, to let people — individuals — and businesses, to promote and reach more interested people.

Get Started.

WhatsApp: 09031633831

Email: info@doacweb.com