Ledger Hack: Phishing Attack On Former Employee Leads To $484,000 Crypto Heist
Crypto hardware wallet provider Ledger was the target of a sophisticated hacking incident, which led to the theft of approximately $484,000 in assets. It was linked to a former Ledger employee who fell victim to a phishing attack.
The incident unfolded when the former employee's NPMJS account was compromised, allowing the attacker to publish malicious versions of the Ledger Connect Kit.
This compromised software utilized a rogue WalletConnect project to divert funds to a hacker-controlled wallet.
The malicious code was active for around five hours, but Ledger's technology and security teams responded, deploying a fix within 40 minutes of becoming aware of the breach, Ledger stated.
Despite the rapid response, it was believed the window for fund drainage was less than two hours.
Ledger since coordinated with WalletConnect to disable the rogue project and propagated the genuine and verified Ledger Connect Kit version 1.1.8, which was now considered safe for use.
To bolster security, the connect-kit development team on the NPM project was set to read-only mode, preventing direct pushes of the NPM package.
Also Read: Basel Committee Finalizes New Standards, Allows Central Banks To Hold Crypto In Reserves
Ledger also internally rotated the secrets to publish on its GitHub and developers were urged to ensure they were using the latest version, 1.1.8.
The severity of the attack was highlighted by the substantial amount stolen, with the hacker transferring approximately 4.334 ETH to an address known as "AngelDrainer," which currently holds assets worth around $363,000.
In response to this, Ledger, along with partners such as WalletConnect, reported the bad actor’s wallet address, now visible on Chainalysis.
Tether (CRYPTO: USDT) took action by freezing the bad actor’s assets, showcasing the collaborative efforts within the cryptocurrency community to address such security breaches.
The company reiterated the importance of using the Clear Sign feature on Ledger devices to ensure transaction authenticity and advised customers to wait 24 hours before using the Ledger Connect Kit again, as a precautionary measure.
Read Next: Cryptos Upbeat As Fed Maintains Status Quo — Solana, Avalanche And Dogecoin Rebound
Photo: Shutterstock