Ledger Plans to Reimburse Defi Participants for Stolen Assets
Hardware crypto wallet maker Ledger has announced its plan to reimburse approximately $600,000 in digital assets that were stolen during a recent incident. The theft occurred due to a connector kit exploit targeted at the front end of EVM dapps, affecting numerous crypto users, including those using exchanges and web3 tools like Revoke.cash.
Action Plan to Deactivate Blind Signing
Ledger has acknowledged the exploit and has committed to reimbursing all victims, including non-customers, by February. In addition, the company has outlined an action plan to deactivate blind signing, a feature that facilitated the attacker’s efforts in stealing cryptocurrencies. By June 2024, users will no longer be able to blind sign with Ledger devices. Instead, clear signing will be implemented to allow users to verify transactions on their Ledger devices before signing.
Phishing Scam and Compromised Github Access
Ledger CEO Pascal Gauthier revealed that the theft was carried out by a phishing scammer connected to the Angel Drainer hacker. The attacker gained access to compromised Github accounts and published malicious code that affected a widely used web3 library employed by dapps like SushiSwap.
Tether Freezes Hacker’s Address
Following investigations, the hacker’s address was frozen by stablecoin operator Tether to prevent further transactions and potential laundering of stolen funds.
Controversies Surrounding Ledger
This incident adds to the controversies faced by Ledger throughout the year. The company previously experienced an issue where customers lost Bitcoin (BTC) and Ether (ETH) due to a fake version of its service on Microsoft’s App Store. Additionally, Ledger faced criticism for its recovery service, which provided a means to regain access even without the secret seed phrase.
Hot Take: Ledger Takes Responsibility and Implements Security Measures
Ledger has taken responsibility for the recent theft incident and plans to reimburse affected users. The company also aims to enhance security by deactivating blind signing and implementing clear signing for transaction verification. While the incident may have caused minimal impact, it highlights the importance of staying vigilant against phishing scams in the crypto space. Ledger’s actions, including freezing the hacker’s address, demonstrate their commitment to protecting user funds and improving their products and services.
Noah Rypton stands as an enigmatic fusion of crypto analyst, relentless researcher, and editorial virtuoso, illuminating the uncharted corridors of cryptocurrency. His odyssey through the crypto realms reveals intricate tapestries of digital assets, resonating harmoniously with seekers of all stripes. Noah’s ability to unfurl the labyrinthine nuances of crypto intricacies is elegantly interwoven with his editorial finesse, transmuting complexity into an engaging symphony of comprehension.