Ledger ‘Hardware’ Wallet Has Been Hacked, About $484,000 Lost In The Heist

Hardware wallet provider Ledger was the target of a sophisticated attack that led to the theft of about $484,000 in assets.

The incident was traced to a former Ledger employee who fell victim to a phishing attack. The former employee was tricked into giving access to their account, which allowed the attacker to publish malicious versions of the Ledger Connect Kit.

About $150,000 was stolen initially, although it was later reported that the money lost had reached about $484,000. 

The malicious code was active for around five hours, but Ledger’s technology and security teams quickly responded and fixed the problem within 40 minutes with the help of WalletConnect and Tether, who also froze the hacker’s wallet.

The window in which funds could be drained was believed to have been less than two hours.

Ledger has since coordinated with WalletConnect to disable the rogue project and has propagated the genuine, verified Ledger Connect Kit version 1.1.8, which is now considered safe to use.


To bolster security, the connect-kit development team on the NPM project was set to read-only mode, preventing direct pushes of the NPM package.

Ledger also internally rotated the secrets used to publish on its GitHub, and developers were urged to ensure they were using the latest version, 1.1.8.
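For developers acting on that advice, the sketch below is an added example, not Ledger's code: it walks a parsed package-lock.json and lists every installed copy of the connect kit that is not version 1.1.8, including copies pulled in by other dependencies. The npm name "@ledgerhq/connect-kit" is an assumption (the article only says "Ledger Connect Kit"), and "some-wallet-ui", "dapp" and the version 1.0.0 are constructed sample values.

```javascript
// Added example: audit a parsed package-lock.json for copies of the connect kit
// that are not the version the article names as genuine.
const PKG = "@ledgerhq/connect-kit"; // assumed npm package name
const SAFE = "1.1.8";                // version named in the article

// Returns [{ path, version }] for every installed copy whose version is not `safe`.
function findUnsafeCopies(lock, pkg = PKG, safe = SAFE) {
  const hits = [];
  // lockfileVersion 2/3: flat "packages" map keyed by install path,
  // so nested (transitive) copies appear as ".../node_modules/<pkg>".
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const isPkg = path === `node_modules/${pkg}` || path.endsWith(`/node_modules/${pkg}`);
    if (isPkg && meta.version !== safe) hits.push({ path, version: meta.version });
  }
  // lockfileVersion 1: nested "dependencies" tree. Only walked when "packages"
  // is absent, because v2 lockfiles carry both and would be counted twice.
  const walk = (deps, trail) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const here = `${trail}node_modules/${name}`;
      if (name === pkg && meta.version !== safe) hits.push({ path: here, version: meta.version });
      walk(meta.dependencies, `${here}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfile (v3 layout): the top-level copy is 1.1.8, but a
// hypothetical dependency "some-wallet-ui" still pins its own older copy.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "dapp", version: "0.0.0" },
    "node_modules/@ledgerhq/connect-kit": { version: "1.1.8" },
    "node_modules/some-wallet-ui": { version: "2.0.0" },
    "node_modules/some-wallet-ui/node_modules/@ledgerhq/connect-kit": { version: "1.0.0" },
  },
};

for (const hit of findUnsafeCopies(SAMPLE_LOCK)) {
  console.log(`${hit.path} is at ${hit.version}, expected ${SAFE}`);
}
```

The check only covers what the lockfile pinned at install time; it says nothing about scripts a page loads at runtime.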

The severity of the attack was highlighted by the substantial amount stolen, with the hacker transferring approximately 4.334 ETH to an address known as “AngelDrainer,” which currently holds assets worth around $363,000.

In response to this, Ledger, along with partners such as WalletConnect, reported the bad actor’s wallet address, now visible on Chainalysis.

Tether took action by freezing the bad actor’s assets, showcasing the collaborative efforts within the cryptocurrency community to address such security breaches.

The company reiterated the importance of using the Clear Sign feature on Ledger devices to ensure transaction authenticity and advised customers to wait 24 hours before using the Ledger Connect Kit again, as a precautionary measure.

Ledger also urged them to pause their hardware wallet interactions with decentralized applications (DApps).


In a new thread on the social media platform X, Ledger says that it has found, identified, and replaced a malicious version of its connect kit, a piece of code used to connect hardware wallets to DApps.

“We have identified and removed a malicious version of the Ledger Connect Kit. A genuine version is being pushed to replace the malicious file now. Do not interact with any DApps for the moment. We will keep you informed as the situation evolves. Your Ledger device and Ledger Live were not compromised.”
