Details of massive cryptocurrency theft from Ledger devices published

12:22 pm, December 19, 2023

Ledger, a popular manufacturer of hardware crypto wallets, has warned customers about the dangers of using dApps (decentralized applications). The reason is a supply-chain attack.

The attackers injected malicious JavaScript code into the Ledger dApp Connect Kit library, which allows web3 applications to interact with Ledger wallets. This code automatically stole cryptocurrency and NFTs from accounts connected to the service.

According to the company, the problem was discovered on the morning of December 14, after the Ledger account on NPMJS was targeted by a phishing attack. Unknown attackers published malicious releases of the Connect Kit: versions 1.1.5, 1.1.6 and 1.1.7 are affected.

The malicious JavaScript exploited a vulnerability in the third-party WalletConnect library to redirect users' funds to the hackers' accounts. The developers have removed the compromised versions of the Connect Kit and urgently released a new one, 1.1.8.

However, the danger remains for third-party dApps that still run on older versions. Users are advised to refrain from using these applications until the problem is resolved.
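For dApp developers, one way to check a project for the affected releases is to scan its npm lockfile. The script below is an added example, not code from Ledger or SlowMist; it assumes the library is installed under the npm name `@ledgerhq/connect-kit`, and the sample lockfile (including the `wallet-sdk` dependency) is constructed for illustration.

```javascript
// Added example: flag lockfile entries that resolve to the Connect Kit
// releases the article lists as malicious (1.1.5, 1.1.6, 1.1.7).
// Assumption: the library's npm package name is "@ledgerhq/connect-kit".
const PACKAGE = "@ledgerhq/connect-kit";
const BAD_VERSIONS = new Set(["1.1.5", "1.1.6", "1.1.7"]);

function findCompromised(lock) {
  const found = [];
  const marker = "node_modules/";
  // lockfileVersion 2 and 3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const idx = path.lastIndexOf(marker);
    const name = idx === -1 ? "" : path.slice(idx + marker.length);
    if (name === PACKAGE && BAD_VERSIONS.has(meta.version)) {
      found.push({ path, version: meta.version });
    }
  }
  // lockfileVersion 1: nested "dependencies" trees, walked recursively
  // so copies pulled in by other packages are reported as well.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = trail.concat(name);
      if (name === PACKAGE && BAD_VERSIONS.has(meta.version)) {
        found.push({ path: here.join(" > "), version: meta.version });
      }
      walk(meta.dependencies, here);
    }
  };
  // Version 2 files carry both sections; avoid reporting a copy twice.
  if (!lock.packages) walk(lock.dependencies, []);
  return found;
}

// Constructed sample: the direct dependency is on the fixed 1.1.8, but a
// hypothetical "wallet-sdk" still bundles a compromised 1.1.6.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "example-dapp", version: "0.0.1" },
    "node_modules/@ledgerhq/connect-kit": { version: "1.1.8" },
    "node_modules/wallet-sdk/node_modules/@ledgerhq/connect-kit": { version: "1.1.6" },
  },
};

console.log(findCompromised(sampleLock));
```

To scan a real project, pass the parsed contents of `package-lock.json` to `findCompromised`. A lockfile only covers copies installed at build time, so a page that fetches the library from a CDN at load time needs a separate check.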

According to Ledger, the underlying software and hardware are not affected. The company's most popular products, Ledger Live and the hardware crypto wallets themselves, continue to work as before.

However, the company has warned of an increase in phishing attacks. Users are advised to be vigilant and under no circumstances to disclose their 24-word passphrase to attackers.

According to the blockchain company SlowMist, the Ledger library has been compromised since version 1.1.5. In that version the criminals added a text message to the code as a verification, while versions 1.1.6 and 1.1.7 already contained well-disguised malicious JavaScript. Analysis of this script showed that it also attempted to steal cryptocurrency and NFTs from the Coinbase, Trust Wallet, and MetaMask platforms.

The investigation into the incident is still ongoing. The extent of the damage has not yet been established, although there have been reports of about $680,000 stolen. Ledger has already identified the addresses of the attackers' wallets, and the Tether team has frozen some of the stolen funds in USDT.
