Date: 2023-12-15

The company that was considered the great crypto reference in the field of security has had a 2023 to forget. After the controversy with Ledger Recover, there is now an even more serious problem. Its connected systems have been compromised.

A security breach in the Ledger Connect Kit. The company itself has officially reported this hack. What is known is that on December 14, Ledger suffered an exploit in the Ledger Connect Kit, a JavaScript library that connects websites with Ledger wallets.

The hack has affected third parties that used this kit to synchronize, but not cold wallets. As Ledger explains, the industry has collaborated to neutralize the attack and freeze the stolen funds.

It is unknown how much has been stolen. It is still unclear how many decentralized applications have been affected. Firms such as Blockaid report that at least $150,000 in crypto has been lost. According to ZachXBT, about $610,000 was reportedly lost. The figure can vary widely depending on the affected user.

Ledger does not provide specific information on the affected cryptocurrencies, although it states that the exploit was effectively active for less than two hours. A short period of time, but enough to steal a large amount of cryptocurrency.

UPDATE: The genuine Ledger Connect Kit 1.1.8 is now fully propagated. Ledger and WalletConnect can confirm that the malicious code was deactivated. You are now safe to use your Ledger Connect Kit. Reminder that we always encourage clear signing. — Ledger (@Ledger) December 14, 2023

A problem associated with decentralization. Hacks in the crypto world are common and must be understood as part of the disadvantages of decentralized systems. Since there are so many third-party services and applications, it is common that not all updates have been correctly audited and tested, simply because of the resources and size of those involved.

The origin: an employee was a victim of phishing. It is the most common technique for achieving a hack: infiltrating internal systems by phishing an employee with access to certain features. This has now happened with Ledger, as described by the company itself.

The exploit was the result of tricking a former employee, which allowed attackers to upload a malicious file to Ledger's internal tool that controls JavaScript code between applications. Once detected, it took 40 minutes to deactivate the code and update the tools.

A 1% that eclipses all the work. Ledger defines what happened as an “unfortunate isolated incident.” The company explains that in 99% of its internal processes, no single person can upload code to its systems: code goes through reviews by multiple teams and there are strict security controls. At the same time, the company recognizes that it must continue to raise its standards.

Ledger explains that it has already begun to collaborate with the authorities to investigate this matter and that it will work so that the stolen financial assets can be returned.

Image | Amjith S

