Ledger, a crypto wallet firm, recently fell victim to a security breach on December 14. The intrusion into Ledger’s Connect Kit Library led to the theft of $484,000 from various wallets in the Ledger cyberattack. The funds were reportedly siphoned within a span of less than two hours.
However, the malicious code has now been successfully neutralized.
According to Ledger’s statement, a former employee fell victim to a phishing scam, enabling the hacker to gain access to the Ledger Connectkit Library and submit a malicious bug.
Addressing the Ledger hack, the company confirmed the security incident in an official statement, providing a comprehensive overview of the situation and outlining the steps taken to mitigate the exposure.
“The genuine Ledger Connect Kit 1.1.8 is now fully propagated. Ledger and WalletConnect can confirm that the malicious code was deactivated. You are now safe to use your Ledger Connect Kit. Reminder that that we always encourage clear signing,” stated the latest update.
Ledger Cyberattack: What Happened?
According to the official statement, the hack allowed the attacker to publish a hacked Ledger Connect Kit version 1.1.5 through 1.1.7, which tricked Walletconnect into sending money to the hacker’s wallet.
Although the malicious file was active for around five hours, Ledger’s technical and security teams quickly implemented a solution within 40 minutes of learning about the Ledger cyberattack, the business revealed.
The latest update by the company confirmed that the authentic Ledger Connect Kit 1.1.8 has been extensively distributed and validated.
The official statement further stated that in order to avoid direct package changes, development teams using the Ledger Connect Kit on NPM have been limited to read-only access.
Ledger reported that Chainalysis software was now able to view the wallet and that they had frozen the rogue actor’s address post the Ledger cyberattack.
The Ledger revealed the wallet address, “0x658729879fca881d9526480b82ae00efc54b5c2d,” responsible for the incident but they haven’t verified the numbers. As of the time of sealing the account, $254K was in the wallet.
In addition to actively interacting with impacted clients, the hardware wallet manufacturer is assisting law authorities in their efforts to apprehend the attacker post-Ledger cyberattack.
Ledger also disclosed that it is examining the exploit in order to stop similar attacks in the future. Ledger emphasized the value of clear signing once more and recommended blind signing with manual transaction processing or an additional Ledger Mint wallet.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
