Crypto Hardware Wallet Provider Ledger Implements Changes to Transaction Signing Processes
Crypto hardware wallet provider Ledger is making adjustments to its transaction signing procedures following an exploit in the Ledger Connect Kit software library on December 14th. According to Ledger, approximately $600,000 worth of assets were stolen from users who blind signed on EVM DApps. The company has committed to collaborating with the DApp ecosystem to enable Clear Signing and discontinue Blind Signing with Ledger devices by June 2024.
Ledger has stated that it will reimburse both Ledger and non-Ledger customers who lost funds as a result of the exploit by the end of February 2024. Users who signed a transaction on affected DApps are advised to revoke unauthorized transactions to prevent further impact from the malicious code.
By allowing Clear Signing, Ledger aims to establish a new standard that safeguards users and promotes Clear Signing across DApps.
Ledger ConnectKit Security Issue
Last week, a critical vulnerability affecting multiple decentralized applications (DApps) impacted a software library relied upon by Ledger. Malicious code had been injected into the front-ends of these apps, allowing the exploiter to steal assets. Although Ledger promptly removed the malicious code upon detection, it is estimated that around $500,000 in funds were affected during this time.
Hot Take: Ledger Takes Action Against Exploit and Commits to Enhanced Security Measures
Crypto hardware wallet provider Ledger is responding swiftly to an exploit in its software library, which resulted in the theft of approximately $600,000 worth of assets from users who blind signed on EVM DApps. In order to prevent future incidents, Ledger will collaborate with the DApp ecosystem to enable Clear Signing and discontinue Blind Signing with its devices by June 2024. Additionally, Ledger has pledged to reimburse affected customers and advises users to revoke unauthorized transactions. By prioritizing Clear Signing, Ledger aims to establish a new standard that enhances user protection and promotes secure transactions across DApps.
By
By
By
By
By