French cryptocurrency wallet company Ledger recently experienced a cyber attack in which its Connect Kit was compromised. The attackers injected a drainer code into the kit, allowing them to drain wallets connected to decentralized applications (dApps). Ledger took immediate action to contain the attack and enhance its security measures, including partnering with Tether to freeze the attackers’ USDT addresses.
In response to the breach, Ledger released a statement acknowledging the incident and pledging to patch its platform to prevent similar attacks in the future. The company also expressed its commitment to compensating all affected parties for their lost funds. Ledger plans to ensure that victims are “made whole” and has announced a shift from Blind Signing to Clear Signing, a verification process that requires users to approve transactions before signing.
The hack targeted the Connect Kit, which is connected to various dApps. The attackers managed to steal approximately $600,000 from users before the vulnerability was patched. The potential impact of the attack was significant, as the hackers could have accessed over 70% of all dApps connected to the wallet. However, Ledger’s swift response prevented further damage.
To regain the trust of its users and the wider ecosystem, Ledger has committed to refunding the victims, including non-direct customers. The company aims to complete the compensation process by the end of February 2024 and is actively working with impacted users to address their specific situations.
Recognizing the need to reinforce its security measures, Ledger plans to sunset Blind Signing with its hardware devices. This change will require users to verify all transactions before signing, enhancing the overall security of the platform. The company acknowledges its responsibility in the incident and is focused on preventing similar incidents in the future.
The attack on Ledger highlights the vulnerability of supply chain attacks, where hackers target the links and interconnections between entities rather than directly attacking the entities themselves. Ledger’s response to the breach demonstrates its commitment to addressing the issue and ensuring the safety of the crypto ecosystem.
This News Article was automatically generated by Bob the Bot (AI)
| Information | Details |
|---|---|
| Geography | Global |
| Countries | 🇫🇷 |
| Sentiment | neutral |
| Relevance Score | 1 |
| People | None |
| Companies | Ledger, Tether |
| Currencies | Tether |
| Securities | None |
