Hardware Wallet Maker Ledger to Reimburse Victims of Connect Kit Exploit
Following last week’s Connect Kit exploit, Ledger has announced its plans to reimburse the victims who lost $600,000 worth of crypto assets. The exploit involved blind signing on Ethereum Virtual Machine (EVM) decentralized applications (dApps), impacting several applications like SushiSwap and Revoke.Cash. Ledger has committed to ensuring that the affected users will be made whole and is already in contact with some of them. Reimbursement is expected to be completed by February 2024. Furthermore, Ledger is working towards bolstering security measures and is set to disallow blind signing with their devices by June 2024 in favor of clear signing to protect users and encourage its usage in dApps.
The Ledger Connector Hack
The attack took place on December 14th when the hacker gained control of Ledger’s Connect Kit library after compromising the firm’s internal systems through a former employee. By injecting malicious software into the library, the attacker was able to compromise the front end of various decentralized applications, including SushiSwap. Ledger promptly issued a fix and has been tracking down the hacker, whose address has been identified.
Hot Take: Ledger Takes Responsibility and Enforces Strong Security Measures
Ledger’s swift decision to reimburse the victims of the Connect Kit exploit demonstrates its commitment to its users’ safety and the integrity of the ecosystem. By ensuring that affected users are made whole, Ledger aims to prevent such incidents in the future. Furthermore, the company’s plans to enhance security measures, disallow blind signing, and promote clear signing in collaboration with dApps will contribute to a safer environment for crypto users. Ledger’s proactive approach sets a new standard for protecting users and encourages the adoption of secure practices across the crypto industry.
By
By
By
By
By
By