Wallet Attack. The society Ledger yesterday had one of the worst possible experiences for a cryptocurrency protection specialist. Indeed, following a phishing attack targeted, malicious code was inserted into its software library. In this case, it was a corrupted version of Ledger Connect Kit at the beginning of the opening of a critical security breach. Very quickly, many players in the ecosystem mobilized to limit the damage. Like the giant Tether, at the origin of freezes $44,000 into USDT stablecoins. A look back at this end-of-year crypto affair.
Ledger victim of malicious attack
Everything was going normally on Thursday, December 14. Then, information fell like a hammer in the afternoon: the Ledger wallet was a victim ofa critical security breach. And quickly, numerous operations were carried out in order to identify the problem and resolve it. provide an effective solution.
“We have identified and removed a malicious version of the Ledger Connect Kit. An authentic version is now offered to replace the malicious file. Do not interact with any dApps at this time. We will keep you informed as the situation develops. Your Ledger device and Ledger Live have not been compromised. »
One of the first instructions published by this leader in hardwares wallet was from no longer interact with DeFi protocols.
Because in all likelihood, the attacker behind this affair had targeted this type of transaction. This following the publication of a “ malicious version of Ledger Connect Kit (affecting versions 1.1.5, 1.1.6 and 1.1.7)”. As a result, the funds were automatically redirected to the hacker’s wallet.
More than $480,000 embezzled
At the origin of this flaw, a former employee of the Ledger company visibly targeted by a phishing attack. Which allowed the hacker to corrupt the proper functioning of the WalletConnect service for an estimated duration of 5 hours. But according to Ledger specialists, “the window during which the funds were drained was limited to a period of less than two hours”.
Indeed, a fix was deployed within 40 minutes who followed the awareness of this flaw. And at the same time, a security warning was published on the X network for the attention of its users.
“We would like to remind the community to always sign your transactions clearly – remember that the addresses and information presented on your Ledger screen are the only authentic information. If there is a difference between the screen displayed on your Ledger device and the screen on your computer/phone, stop this transaction immediately. »
Despite all these efforts, the hacker still managed to embezzle more than $480,000 during this period. An amount which, however, has not been confirmed by the Ledger company. The latter is currently busy “working proactively” with the customers affected by this attack.
Tether freezes $44,000 in USDT stablecoins
Following this affair, the giant Tether has frozen all USDT stablecoins held on the hacker’s address. An operation publicly announced on the X network by its new CEO, Paolo Ardoino.
“Tether has just frozen the address of the exploiter Ledger”
In fact, this represents just a little less than 10% of the total amount embezzled funds. Because the address involved in this case contains $44,000 in USDT. These have now become impossible to move or exchange.
There Ledger company asks developers to ensure they are using the latest “authentic and verified version 1.1.8 of the Ledger Connect Kit”. At the same time, she announced that she had filed a complaint in order to work on identifying his attacker, with the help of law enforcement. The question remains what solution will be offered to its aggrieved users.