TL;DR
- An attacker has hacked Ledger and stolen nearly $500k worth of assets.
- Security experts believe that Ledger users remain at risk.
Hacker Steals $484k in Ledger Exploit
Attackers stole $484,000 on Thursday after integrating malicious code into the GitHub library for Connect Kit, a widely-used piece of blockchain software maintained by the crypto hardware wallet manufacturer Ledger.
A hacker attacked #Ledger and has stolen ~$484K assets. #LedgerExploiter transferred 4.334 $ETH to #AngelDrainer.
And the #AngelDrainer is also receiving assets currently and holds $363K assets. https://t.co/ZG5SRlKBjW pic.twitter.com/RK9aPyAjEE
— Lookonchain (@lookonchain) December 14, 2023
This latest development has affected several DeFi protocols that use the library, including Sushiswap. Ledger users have also been warned to avoid using dApps until the protocols are updated.
Connect Kit is a library that lets DeFi protocols connect to crypto hardware wallets. According to several reports, the exploit affected the front end of all protocols that use the Connect Kit. Some of these protocols include Sushi, Lido, MetaMask and Coinbase.
While confirming the attack on X, Ledger said an employee had been targeted in a "phishing attack." Following the attack, the hacker published a malicious version of the Ledger Connect Kit.
The hardware wallet manufacturer added that it has identified and removed a malicious version of the Ledger Connect Kit. Furthermore, Ledger revealed that the window in which funds were drained was limited to a period of less than two hours.
Despite Ledger’s message, some security experts believe that users are still at risk. Ido Ben-Natan, the CEO of blockchain security firm Blockaid, told CoinDesk that several websites are still affected and users are getting hit.