You're reading

Ledger Connect Kit Breach: Hacker Siphons $484K

Posted at December 15, 2023 | Post by Victor Rollman

Picture

The unknown attacker that compromised Ledger’s Connectkit Library has reportedly siphoned $484,000 from wallets, according to the onchain intelligence firm Lookonchain. Ledger disclosed a former employee fell victim to a phishing attack and the attacker gained access to the Ledger Connectkit Library and uploaded a malicious bug.

Screenshot 39

Ledger Responds to $484K Hack

The latest and secure version 1.1.8 of the Ledger Connect Kit is currently being disseminated automatically, according to the last update from Ledger. The company advised a waiting period of 24 hours before resuming use of the Ledger Connect Kit. This precaution follows a security breach detailed in the ensuing timeline: Initially, a phishing attack targeted a former Ledger Employee’s NPMJS account early today, Central European Time.

Ledger said the breach enabled the attacker to release a compromised version of the Ledger Connect Kit (versions 1.1.5 through 1.1.7), which manipulated a deceptive Walletconnect project to reroute funds to a hacker’s wallet. Alerted to the issue, Ledger’s technology and security teams rapidly deployed a solution within 40 minutes of becoming aware, though the malicious file was active for about five hours, the company disclosed.

The estimated time during which funds were siphoned was under two hours. In response to the incident, Ledger said it collaborated with Walletconnect to disable the rogue project and has now issued the verified Ledger Connect Kit version 1.1.8. Ledger further explained that development teams working with the Ledger Connect Kit on NPM have been restricted to read-only access to prevent direct package updates. Ledger noted that Tether had frozen the bad actor’s address and the wallet was now visible via Chainalysis software.

The onchain analysis platform Lookonchain reported that $484,000 was stolen from wallets. However, Ledger has not confirmed the figures but did disclose the wallet address which is: “0x658729879fca881d9526480b82ae00efc54b5c2d.” The wallet currently holds $254K at the time of writing.

The hardware wallet manufacturing company is actively engaging with affected customers and is working with law enforcement to track down the attacker. In addition, Ledger detailed it is analyzing the exploit to prevent future attacks. Ledger reiterated the importance of Clear Signing and suggested using an additional Ledger mint wallet or manual transaction parsing for blind signing.

Group 3

Curious about Bitcoin?
How about mining this new and asymmetric asset?

Find out how it works.

Book your edge now!
www.rollmanmining.com

SHARE THIS POST
Other Articles
Image
December 15, 2023 Satoshi Nakamoto’s Brilliant White Paper Turns 9-Years Old

Bitcoin has had a phenomenal year in 2017 surpassing many expectations as the decentralized currency now…

Read More
Date
4 mins
Image
December 15, 2023 NFT Markets Rebound With 18% Rise To $106M

Between October 29 and November 5, 2023, sales of non-fungible tokens (NFTs) rose by 18.30% compared…

Read More
Date
2 mins
Image
December 15, 2023 How AI And Money Printing Could Spark A Crypto Bull Run, According To Top Analyst

In the ever-evolving landscape of cryptocurrency, two formidable forces are poised to steer the industry into…

Read More
Date
3 mins