Ledger attacker drained at least $484K

The hacker behind the attack on Ledger’s connector library stole assets worth nearly $484,000, according to blockchain analysis platform Lookonchain. Ledger has not yet confirmed the figures, but the impact of the security breach could be in the hundreds of thousands, according to the company.

Users on X (Twitter) flagged the incident on Dec. 14, claiming that a popular Web3 connector was compromised, allowing malicious code to be injected into multiple decentralized applications (DApps).

Protocols affected by the incident include Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash, but the damage could be even greater. According to some users on X, the vulnerability could exist in other similar programs that are alternatives to LedgerHQ/connect-kit.

According to MetaMask, the hack also affects its users. The wallet provider deployed a fix for its platform, saying its users on the latest version, v2.121.0, should be able “to transact again & will be updated automatically. If you’re not on this version, please refresh your site data.”

Nearly three hours after the incident, Ledger reported that the malicious version of the file had been replaced with the genuine version around 1:35 pm UTC. The company is warning its users “to always Clear Sign” transactions, adding that the addresses and the information presented on the Ledger screen are the only genuine information:

“If there’s a difference between the screen shown on your Ledger device and your computer/phone screen, stop that transaction immediately.”

Several protocols have disabled the library since the incident. Stablecoin issuer Tether also froze the exploiter address, according to Paolo Ardoino.

This is a developing story, and further information will be added as it becomes available.

Source: https://cointelegraph.com/news/ledger-blockchain-hack-attacker-drained-484-k