Ledger pushes update to fix compromised library as users warned to hold off connecting to dApps

Crypto hardware wallet provider Ledger confirmed that its ConnectKit library was compromised.

“We have identified and removed a malicious version of the Ledger Connect Kit. A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves. “

Banteg, one of the lead developers of Yearn.finance, stated:

“Ledger library confirmed compromised and replaced with a drainer. wait out interacting with any [decentralized applications] till things become clearer.”

The developer furthered that:

“The attackers infiltrate a shitton of libraries by compromising just the connect-kit. last known version coming from ledger is 1.1.4. three releases up to 1.1.7 were posted today, all should be considered compromised.”

Several DeFi projects, including SushiSwap and Revoke Cash, confirmed that the incident impacted them and advised their users to refrain from engaging with their frontend until further notice.

“We’ve identified a critical issue the ledger connector has been compromised, potentially allowing the injection of malicious code affecting various dApps,” SushiSwap wrote.

Meanwhile, Hudson James, a VP at Polygon Labs, rehashed the warnings and urged crypto users not to interact with any dApp front ends on websites for now. He added:

“This is an ongoing situation and it is risky to use dapps currently if you don’t understand what backend libraries they use.”

Mentioned in this article

Ledger

Posted In: Featured, Hacks

Author

Oluwapelumi Adejumo

Journalist at CryptoSlate

Oluwapelumi values Bitcoin's potential. He imparts insights on a range of topics like DeFi, hacks, mining and culture, underlining transformative power.

Editor Editor

Liam 'Akiba' Wright

Senior Editor at CryptoSlate

Also known as "Akiba," Liam is a reporter, editor and podcast producer at CryptoSlate. He believes that decentralized technology has the potential to make widespread positive change.

Disclaimer: Our writers' opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.

Grayscale’s outflows slow as investor interest in altcoins like Solana, Polkadot rises

SEC suspected Ethereum was a security since 2018, new Consensys documents reveal

Tether invests $200 million to reach ‘ultimate’ goal of putting computers in people’s brain

VanEck lead charge as Australia prepares for Bitcoin ETF launch

SEC vs DeFi: The Battle Royale — what lies ahead amid regulatory clash and hack mayhem?

Arthur Hayes believes Treasury’s next policy decision will lead to renewed surge for crypto, stocks

How decentralized payments are a gateway to economic development

Navigating the Web3 startup landscape with limited funds

US government appoints Sam Altman, other tech execs to newly established AI safety board

Grayscale’s outflows slow as investor interest in altcoins like Solana, Polkadot rises

Justin Sun predicts SEC rejection of Ethereum ETF in May, citing need for crypto education

Tether coming to Telegram through TON blockchain amid $11 billion wider minting spree

Hoskinson says PRAGMA adds ‘second set of eyes’ to Cardano but won’t speed development

Ripple challenges SEC’s $2 billion fine, proposes $10 million settlement instead

Pantera bought more Solana tokens from FTX’s bankruptcy auction

Vitalik believes memecoins should be used for philanthropy and social impact

Polkadot parachain Peaq receives major migrations from decentralized mapping projects

Bitcoin’s crash to $64k causes meltdown for alts

Ledger pushes update to fix compromised library as users warned to hold off connecting to dApps

Mentioned in this article

Oluwapelumi Adejumo

Liam 'Akiba' Wright

Latest Alpha

High Bitcoin fees push active addresses down to 3-year low

Are Inscriptions following the path of the Dodo?

In this article

Ledger

PolkaBotAI – decentralizing AI with OriginTrail and Polkadot

The VR Project SimuGaze Presale Goes Live Today

Bitcoin

Terra Classic

Ethereum

Polkadot

Polygon

Arbitrum

BNB

Neon EVM

USD Coin

Solana

Uniswap

Eric Balchunas

Changpeng Zhao

Samson Mow

Richard Teng

Do Kwon

Luke Dashjr

Justin Sun

Gary Gensler

Fred Thiel

Davide Menegaldo

Patrick Hansen

Sam Altman

BlackRock

Fidelity Investments

Grayscale Investments

Binance

FTX

Bitfury

Paxos

Terraform Labs

Bitwise

Parity Technologies

Franklin Templeton

Marathon Digital

Circle

Consensys

Alameda Research

Pantera Capital

Ark Invest

VanEck

Matter Labs

CoinShares

Coinbase

OpenAI

Nvidia

Microsoft

Google

Anthropic

IBM

Ledger pushes update to fix compromised library as users warned to hold off connecting to dApps

Mentioned in this article

Oluwapelumi Adejumo

Liam 'Akiba' Wright

PolkaBotAI – decentralizing AI with OriginTrail and Polkadot

The VR Project SimuGaze Presale Goes Live Today

LazyBear Secures 4 Million USDT in Strategic Financing to Revolutionize Crypto Trading

High Bitcoin fees push active addresses down to 3-year low

Are Inscriptions following the path of the Dodo?

Ledger

Get a Daily Summary of Crypto News, Insights and Market Data Straight to Your Inbox.

Cheers! You're subscribed to CryptoSlate.