Major Security Vulnerability Found in Ledger Software Library, Affecting Multiple Dapps

Major Security Vulnerability Found in Ledger Software Library, Affecting Multiple Dapps

Multiple DApps using Ledger’s connector, including Zapper, SushiSwap, Balancer and Revoke.cash, were compromised on Dec. 14.

The issue is related to a software library from Ledger wallet, the “LedgerHQ” library, that dapps rely on for use with the crypto wallet service. This vulnerability could potentially allow malicious code to be injected into numerous dapps on their front-ends, posing a significant risk to users and their assets.

Front ends to multiple dapps could be vulnerable if used. Projects like Kyber and RevokeCash confirmed on X that they disabled their front-ends.

According to latest announcement from Ledger, the malicious version of the file has been replaced with the genuine version. Ledger emphasiss that users need to always clear sign transactions, the address and the information presented on Ledger screen is the only genuine information. If there is a difference between the screen shown on your Ledger device and your computer screen, stop that transaction immediatly.

Source

Wallet

Security Incidents

Related News
North Korean hackers use fake Zoom updates to deliver ‘NimDoor’ macOS malware targeting crypto firms North Korean hackers use fake Zoom updates to deliver ‘NimDoor’ macOS malware targeting crypto firms
Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain Bybit hackers move over half the stolen ETH onto Bitcoin, largely using ThorChain
Stablecoin neobank Infini exploited for $49 million: security analysts Stablecoin neobank Infini exploited for $49 million: security analysts
NoOnes CEO Ray Youssef discloses $8 million exploit weeks after the fact, confirming crypto sleuth ZachXBT's investigation NoOnes CEO Ray Youssef discloses $8 million exploit weeks after the fact, confirming crypto sleuth ZachXBT's investigation
Phantom Wallet raises $150 million at $3 billion valuation Phantom Wallet raises $150 million at $3 billion valuation
Latest News More More
1 Day Ago Tether plans further Bitcoin mining expansion in South America with Adecoagro tie up
2 Days Ago JPMorgan's blockchain unit tests new carbon credit tokenization application with S&P Global
5 Days Ago Ethereum community plans onchain ‘time capsule’ to mark 10th anniversary of network’s genesis block
June 25 Circle's post-IPO stock surge pushes market cap near Coinbase and USDC
June 20 Kraken offers bitcoin ‘staking’ yield via Babylon without wrapping or lending
delate
Use TokenInsight App All Crypto Insights Are In Your Hands
Open