Ledger announced that it had completely removed the exploit and replaced the hacked library.
Ledger team noted that it had successfully replaced the hacked library with a fixed one. The malicious code has allegedly been deactivated, and the Ledger Connect Kit is now safe to use.
However, Ledger users doubted the words of the project team about the complete security of wallets. One of the subscribers drew attention to the fact that malicious code could remain in the cache. The company recommended waiting a while and clearing the cache in the browser.
Ledger CEO Pascal Gauthier noted that the reason for the hack lies in a targeted attack on one of the former employees.
Gauthier said Ledger and the company’s partner WalletConnect worked together to update the software and fix the exploit within 40 minutes of its discovery. The company’s CEO called the incident an “unfortunate isolated incident.” He promised that the company would strengthen security measures.
On Dec. 14, hackers attacked Ledger Connect. This is a software library that allows developers to connect decentralized applications (dApps) to Ledger wallets. By compromising Ledger Connect, hackers could inject malicious code into dApps with which wallet owners can interact.
One of the first to draw attention to problems with wallet security was crypto trader Jacob Canfield, who was popular in the crypto community. In his microblog, he shared a piece of code scammers used to steal money from Ledger owners through Ledger Connect.
According to the Ledger team, the attack did not affect the Ledger Live application, through which wallet owners conduct transactions with assets. Physical wallets were also not affected.