Hardware wallet developer Ledger confirmed the vulnerability affecting the DeFi industry.
In the statement made by Ledger at 16:31, “We detected and removed the malicious version of Ledger Connect Kit.” It was said.
Ledger Connect, used by many decentralized applications (dApps), was attacked at noon today. The attacker hacked the package into users’ Cryptocurrency will empty wallets added a code.
Ledger announced that they took action to remove the malicious version of the package. To users, “Do not use any dApps for now. We will keep you informed as the situation progresses.” message was given.
Security firm Blockaid described this as a “supply chain attack” and in the last few hours 150 thousand dollars He predicted that there was a loss.
According to analysis by Sushi CTO Matthew Lilly, the attack was caused by the CDN account used by Ledger. from the seizure stems from.
The statement also “Your Ledger device and Ledger Live have not experienced a security breach.” It was said.