Crypto Wallet Manufacturer Ledger Confirms Phishing Attack Started with Former Employee
Crypto wallet manufacturer Ledger has confirmed that a phishing attack on their system started because a former employee fell for a scam. The compromised code contained the name and email address of the former employee, leading to initial confusion in the crypto community. However, Ledger later clarified that the attack was a result of the employee falling victim to a phishing attack.
Exploiter Gains Access to NPMJS Account
The attacker gained access to the former employee’s account on NPMJS, a package manager used by developers in the Web3 community. Using this access, the exploiter pushed a malicious version of the Ledger Connect Kit, which could reroute users’ funds to a hacker’s wallet. The impacted versions have been removed from Ledger’s NPM page.
Ledger Takes Immediate Action
Ledger’s technology and security teams were alerted and quickly deployed a fix within 40 minutes of discovering the attack. The malicious file was live for approximately 5 hours, but the window where funds were drained was limited to less than two hours. Ledger has released a new version of the Connect Kit (1.1.8) that will automatically update all wallets using it.
Panic in the Crypto Industry
The exploit has caused widespread panic among industry participants who are concerned about the vulnerability of decentralized apps. Investors and advisors have expressed their frustration with how easily one phishing link can compromise multiple apps’ front-ends.
Tether Freezes Funds Linked to Exploiter
Tether, a stablecoin issuer, has frozen funds linked to the wallet used by the exploiter to drain $484,000 from DeFi users. As of now, the wallet contains $27,000 worth of USDT and $334,814 in total, down from its peak value. The exploiter is suspected to be part of a phishing group involved in other DeFi hacks.
Doodle NFT Marked for “Suspicious Activity”
The stolen assets include a Doodle NFT that has been marked for “suspicious activity” on OpenSea. The drainers used in these attacks convince users to approve transactions that give hackers access to their funds. These drainers are rented out to hacking groups, with the original developers taking a portion of the illicit gains.
Hot Take: Crypto Industry Faces Critical Security Challenges
The recent phishing attack on Ledger highlights the critical security challenges faced by the crypto industry. With just one employee falling for a scam, multiple apps were compromised, causing panic and financial losses. This incident emphasizes the need for developers to exercise proper hygiene when consuming packages and for companies to implement robust security measures to protect user funds. As the industry continues to grow, cybersecurity will remain a top priority.
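As an added example (not code from Ledger or from this article), here is one way a consuming project could check its own package hygiene: flag dependencies declared with floating ranges, lockfile entries without an integrity hash, and resolved versions older than a known fixed release such as Connect Kit 1.1.8. The package name `@ledgerhq/connect-kit`, the `example-lib-hypothetical` package, and all sample manifest contents are assumptions constructed for illustration.

```javascript
// Constructed sample manifests (not taken from any real project).
const samplePkg = {
  dependencies: {
    "@ledgerhq/connect-kit": "^1.1.0",     // floating: any new 1.x publish is accepted
    "example-lib-hypothetical": "2.3.4",   // exact pin
  },
};
const sampleLock = {                       // package-lock.json v2/v3 layout
  lockfileVersion: 3,
  packages: {
    "node_modules/@ledgerhq/connect-kit": { version: "1.1.0", integrity: "sha512-CONSTRUCTED" },
    "node_modules/example-lib-hypothetical": { version: "2.3.4" }, // no integrity recorded
  },
};

const EXACT = /^\d+\.\d+\.\d+$/;

// Compare two plain x.y.z versions numerically (no pre-release handling).
function cmp(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) if (pa[i] !== pb[i]) return pa[i] - pb[i];
  return 0;
}

// minVersions maps a package name to the first release known to be fixed.
// A version below that floor is flagged for review, not declared malicious.
function auditDependencies(pkg, lock, minVersions = {}) {
  const findings = [];
  for (const [name, range] of Object.entries(pkg.dependencies || {})) {
    if (!EXACT.test(range)) findings.push({ name, issue: "floating-range", detail: range });
    const entry = (lock.packages || {})[`node_modules/${name}`];
    if (!entry) { findings.push({ name, issue: "not-in-lockfile", detail: "" }); continue; }
    if (!entry.integrity) findings.push({ name, issue: "no-integrity", detail: entry.version });
    const min = minVersions[name];
    if (min && EXACT.test(entry.version) && cmp(entry.version, min) < 0)
      findings.push({ name, issue: "below-minimum", detail: `${entry.version} < ${min}` });
  }
  return findings;
}

const report = auditDependencies(samplePkg, sampleLock, { "@ledgerhq/connect-kit": "1.1.8" });
for (const f of report) console.log(`${f.name}: ${f.issue} ${f.detail}`);
```

A check like this only covers packages installed through a lockfile; code fetched at runtime from a CDN needs its own pinning, for example by exact version and hash.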