The wallet company confirmed that this week’s exploit was an unfortunate isolated incident, after which Ledger launched Connect Kit version 1.1.8 on December 14th, deactivating malicious code in Ledger and WalletConnect. Users are now protected, but as an extra precaution, it is recommended to wait for 24 hours and clear the browser cache. Ledger’s Chairman and CEO, Pascal Gauthier, disclosed that the security breach occurred when a former staff member fell prey to a phishing attack. This enabled a malicious actor to upload a harmful file to Ledger’s NPMJS, a JavaScript code package manager shared across applications. Collaborating with partner WalletConnect, Ledger swiftly responded to the incident, managing to eliminate and deactivate the malicious code on NPMJS within
Topics:
Chayanika Deka considers the following as important: AA News, ledger
This could be interesting, too:
Andrew Throuvalas writes The Bitcoin Bear Market May Have Already Started, Signal Shows
Chayanika Deka writes Australia Gears Up for Bitcoin ETF Wave After US, Hong Kong Approvals
Andrew Throuvalas writes How Lazarus Group Cashed Out 0 Million Of Stolen Crypto In Three Years: ZachXBT
Andrew Throuvalas writes EigenLayer Token Airdrop Plan Will Allocate 15% Of Supply To Stakers
The wallet company confirmed that this week’s exploit was an unfortunate isolated incident, after which Ledger launched Connect Kit version 1.1.8 on December 14th, deactivating malicious code in Ledger and WalletConnect. Users are now protected, but as an extra precaution, it is recommended to wait for 24 hours and clear the browser cache.
Ledger’s Chairman and CEO, Pascal Gauthier, disclosed that the security breach occurred when a former staff member fell prey to a phishing attack.
- This enabled a malicious actor to upload a harmful file to Ledger’s NPMJS, a JavaScript code package manager shared across applications.
- Collaborating with partner WalletConnect, Ledger swiftly responded to the incident, managing to eliminate and deactivate the malicious code on NPMJS within 40 minutes of its discovery.
- In an update, Gauthier revealed that the standard practice at the Paris-based crypto hardware wallet platform is that no single person can deploy code without review by multiple parties. He admitted having strong access controls, internal reviews, and code multi-signatures when it comes to most parts of its development.
- Furthermore, when an employee departs from the company, their access to all Ledger systems is promptly revoked.
“This was an unfortunate isolated incident. It is a reminder that security is not static, and Ledger must continuously improve our security systems and processes. In this area, Ledger will implement stronger security controls, connecting our build pipeline that implements strict software supply chain security to the NPM distribution channel.”
- Ledger said that it is actively cooperating with authorities and assured that it will continue to assist in the ongoing investigation.
- The platform said that it will continue to work with affected users, collaborate to identify the responsible party, ensure legal consequences, trace the funds, and cooperate with law enforcement to facilitate the recovery of stolen assets from the hacker.