CTO of SushiSwap Warns Users to Avoid Interacting with dApps
Matthew Lilley, the CTO at SushiSwap, has issued a warning on Twitter, urging users to refrain from interacting with any decentralized applications (dApps). Several other dApps have also reported being compromised.
In his tweet, Lilley stated that a widely used web3 connector has been compromised, allowing for the injection of malicious code that can affect numerous dApps.
Investigation into Ledger and Suspected Supply Chain Attack
Lilley also called on hardware wallet company Ledger to investigate the matter further. Web3 security firm Blockaid suspects a potential supply chain attack on the ledgerconnect kit.
Blockaid revealed that the attacker injected a wallet-draining payload into a popular NPM package, impacting several popular dApps such as Hey.xyz and Sushi.com.
Confirmation of Compromise by Revoke.cash
Revoke.cash has also confirmed that it has been compromised in this ongoing situation.
Hot Take: Stay Informed and Exercise Caution
The recent compromise of various dApps serves as a reminder of the importance of staying informed and exercising caution when interacting with decentralized applications. As the investigation unfolds, it is crucial to follow updates from trusted sources and take necessary precautions to protect your assets and personal information. Stay vigilant in the ever-evolving landscape of crypto security.
By
By
By
By
By
By