CDS Crypto News Crypto Wallet Security Breach: Ledger ConnectKit Compromised in Widespread Attack Affecting Multiple dApps
Crypto News

Crypto Wallet Security Breach: Ledger ConnectKit Compromised in Widespread Attack Affecting Multiple dApps

214
Crypto Wallet Security Breach: Ledger ConnectKit Compromised in Widespread Attack Affecting Multiple dApps

Crypto Wallet Security Breach: Ledger ConnectKit Compromised in Widespread Attack Affecting Multiple dApps

Crypto News – Ledger, a leading name in the self-custody crypto sector, has fallen prey to a sophisticated cyberattack targeting its users’ digital assets. In a concerning development, the ConnectKit, a widely-used software interface that connects decentralized applications (dApps) to Ledger’s hardware wallets, has been compromised.

This alarming security breach was brought to light by Blockaid, a blockchain security monitoring company, through a recent tweet. The firm described the incident as a supply chain attack, where the attacker tainted the library’s source code, thereby impacting any applications dependent on it.

The core of the attack involved the introduction of a malignant code designed to siphon off cryptocurrency assets from Ledger wallets interfacing with affected dApps through the tainted ConnectKit.

Crypto Wallet Security Breach: Ledger ConnectKit Compromised in Widespread Attack Affecting Multiple dApps

Blockaid has also identified several high-profile dApps that have been impacted by this breach. The preliminary list includes major players like the multi-chain decentralized exchange SushiSwap, the DeFI and NFT tracking service Zapper, along with MetalSwap and EchoDex.

Meanwhile, Matthew Lilley, CTO of SushiSwap, has warned that the vulnerability extends to all dApps integrating Ledger’s ConnectKit. He advises crypto users to avoid using these dApps for the time being, emphasizing that this is not an isolated event but rather a large-scale attack impacting numerous dApps.

Crypto Wallet Security Breach: Ledger ConnectKit Compromised in Widespread Attack Affecting Multiple dApps

It is crucial to note that the vulnerability does not stem from the Ledger hardware wallets themselves but rather from the compromised software facilitating their connection to websites.

In response to this crisis, Ledger has swiftly issued an update to remove the malicious code. Blockaid is now calling on all stakeholders to update their dApps and employ version pinning as a security measure to prevent similar incidents in the future.

Crypto Wallet Security Breach: Ledger ConnectKit Compromised in Widespread Attack Affecting Multiple dApps

Leave a comment

Leave a Reply

Related Articles

Ethereum White Paper Anniversary: From Concept to Global Smart Contract Platform

Ethereum White Paper Anniversary: From Concept to Global Smart Contract Platform

Bitcoin Liquidations Spike: Over $150M in Longs Wiped Out as Price Slides

Bitcoin Liquidations Spike: Over $150M in Longs Wiped Out as Price Slides

Memecoins Explained: The Intersection of Internet Culture and Crypto

Binance Research's report analyzes the rise of memecoins, highlighting their cultural impact,...

ETH Price Faces Challenges Amid ETF Outflows

Ethereum (ETH) struggles to maintain price above $2,500 amid ETF outflows and...