Connect with us

Hi, what are you looking for?

Income Innovator HubIncome Innovator Hub

Editor's Pick

Ledger Hardware Wallet Will Compensate Users for $600,000 Exploit

Source: iStock

Hardware wallet provider Ledger has announced its intention to reimburse victims for the approximately $600,000 in assets lost due to the recent ConnectKit exploit.

In a December 20 statement on X (formerly Twitter), the firm assured that the lost assets would be reimbursed before the end of February 2024.

We are 100% focused on following up to last week’s security incident, making sure incidents like this are prevented in the future, and that the ecosystem remains safe.

We are aware of approximately $600k in assets impacted, stolen from users blind signing on EVM DApps.

Ledger…

— Ledger (@Ledger) December 20, 2023

The crypto waller manufacturer also revealed it has reached out to the impacted victims and is actively working through all recovery specifics to ensure a seamless payment process.

Meanwhile, users who signed transactions on all exploited decentralized applications (dApps) connected to ConnectKit are advised to revoke all authorized transactions to minimize potential risks associated with the breach.

On December 14, cryptonews reported that the user interfaces of several dApps utilizing Ledger’s ConnectKit, including Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash, were compromised.

We have identified and removed a malicious version of the Ledger Connect Kit.

A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.

Your Ledger device and…

— Ledger (@Ledger) December 14, 2023

Matthew Lilley, the Chief Technical Officer (CTO) of SushiSwap, was among the first to identify and report the issue. He noted the compromise of a widely used Web3 connector, which allowed the injection of malicious code into multiple decentralized applications (dApps).

RED ALERT :

Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps.

— I’m Software (@MatthewLilley) December 14, 2023

Approximately three hours after the security breach was identified, Ledger confirmed that the malicious version of the file had been replaced with its authentic counterpart.

The Potential of ‘Clear Signing’ in the dApp Ecosystem


Ledger has reaffirmed its commitment to enhancing security measures to strengthen the ecosystem and prevent future incidents.

In line with this commitment, the firm plans to collaborate with the dApp ecosystem to implement Clear Signing and discontinue the Blind Signing feature from its devices by June 2024.

The Clear Signing feature will enable users to scrutinize and verify transaction details before granting approval.

Switching to Clear Signing “and no longer allow Blind Signing by June 2024” is a great increase in security.

A crucially needed feature. Hope compatibility with dApps won’t be affected.

— Ignas | DeFi Research (@DefiIgnas) December 20, 2023

With Clear Signing, wallet enthusiasts can directly examine important information such as transaction amounts, recipient addresses, and other relevant details on their Ledger devices or other secure displays.

According to the firm, this verification process empowers users to make informed decisions and confirm the accuracy of the transaction they are about to authorize.

​​https://twitter.com/ChainflowPOS/status/1737472926335570190?s=20

The crypto wallet provider has also appealed to dApp developers to prioritize customers’ security and trust in the decentralized ecosystem by building apps that support the new security feature.

The post Ledger Hardware Wallet Will Compensate Users for $600,000 Exploit appeared first on Cryptonews.

Enter Your Information Below To Receive Latest News, And Articles.

    Stay updated with the latest news, exclusive offers, and special promotions. Sign up now and be the first to know! As a member, you'll receive curated content, insider tips, and invitations to exclusive events. Don't miss out on being part of something special.


    By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.
    Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

    You May Also Like

    Editor's Pick

    Source: Ark Invest / Instagram ARK Investment Management, led by prominent investor Cathie Wood, has reduced its holdings in the Grayscale Bitcoin Trust (GBTC)...

    Latest News

    A super PAC that has overseen much of Ron DeSantis’s presidential operation has fired its CEO less than two weeks after the previous chief...

    Latest News

    WINDHAM, N.H. — It’s pouring rain Saturday morning as New Hampshire Gov. Chris Sununu (R) arrives at Mary Ann’s diner in Windham, fielding calls...

    Stock

    Popeyes is expanding its menu beyond chicken sandwiches — and it’s a permanent change this time. The fast-food chain announced Wednesday it’s adding five...

    Disclaimer: Incomeinnovatorhub.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.


    Copyright © 2024 incomeinnovatorhub.com