April 19, 2024
Ledger Connect Exploit: Decentralized Platforms Brace, Investigate Breach Impact
Latest Cryptocurrency News

Ledger Connect Exploit: DApps Issue Warnings as DeFi Protocols Act

Numerous decentralized applications (DApps) have temporarily halted their front-end user interfaces for Ledger Connect due to an exploit on Dec. 14. OpenSea, the developers of a nonfungible token (NFT) platform, advised users on Dec. 14 to refrain from connecting to any DApps using Ledger Connect until further notice.

Lido Finance, a decentralized finance (DeFi) protocol, took precautionary measures by shutting down its front ends while the Ledger Connect issue is under investigation.

During the day, the front ends of Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash were compromised in the Ledger Connect exploit. Ledger confirmed patching the exploit, which stemmed from a malicious version of the Ledger Connect Kit. A legitimate version is being pushed to replace the malicious file, and users are cautioned against interacting with any DApps for the time being.

Reports suggest the attack siphoned off at least $484,000 in digital assets. Tether, the issuer of the Tether stablecoin, froze the exploiter’s address. Ledger developers are automatically disseminating a “genuine version” of the Ledger Connect Kit, but users are advised to wait 24 hours before using it again.

The exploit is linked to a phishing attack on a former Ledger employee, enabling hackers to access sensitive information. Developers are taking legal action and cooperating with law enforcement to apprehend the attacker. Approximately two hours elapsed between the fund drainage and the deployment of a fix.

Image by freepik

Related posts

MultiversX Aims for Metaverse Scalability as CEO Explores Spatial Computing

Harper Hall

Crypto Merger: Hut 8 and USBTC Form New Hut, Realigning the Industry

Christian Green

Hong Kong Catalyst for Crypto Activity in Asia

Christian Green

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More