Users of the renowned crypto self-custody solution Ledger have become the latest targets for a well-planned attack targeting their crypto funds. Specifically, an attacker has compromised Ledger ConnectKit, a popular software library that decentralized applications (dApps) use to connect with Ledger hardware wallets.
This vulnerability was disclosed by blockchain security tracking firm Blockaid in a recent tweet. Blockaid characterized it as a supply chain attack as the hacker poisoned the library’s source, affecting applications relying on it.
Specifically, the attacker injected malicious wallet-draining payload code into the library to drain crypto assets stored in Ledger devices connected to dApps using the compromised ConnectKit.
The post Ledger Pushes Update as Wallet Users Targeted in Sophisticated Attack appeared first on Coin Edition.
Users of the renowned crypto self-custody solution Ledger have become the latest targets for a well-planned attack targeting their crypto funds. Specifically, an attacker has compromised Ledger ConnectKit, a popular software library that decentralized applications (dApps) use to connect with Ledger hardware wallets.
This vulnerability was disclosed by blockchain security tracking firm Blockaid in a recent tweet. Blockaid characterized it as a supply chain attack as the hacker poisoned the library’s source, affecting applications relying on it.
Specifically, the attacker injected malicious wallet-draining payload code into the library to drain crypto assets stored in Ledger devices connected to dApps using the compromised ConnectKit.
The post Ledger Pushes Update as Wallet Users Targeted in Sophisticated Attack appeared first on Coin Edition.