NFT BUILDS INC


MetaMask and Ledger Security Breach Sparks EVM Ecosystem Alert


The security incident involving popular wallet provider MetaMask and hardware wallet Ledger has sent shockwaves across the Ethereum Virtual Machine (EVM) ecosystem. The attack targeted Ledger’s connector library, a crucial interface between Ledger hardware wallets and decentralized applications (DApps).

MetaMask, a widely used wallet provider, also fell victim to the breach. It swiftly deployed an update on its MetaMask Portfolio to address the issue, cautioning users to activate the Blockaid feature before conducting any transactions.

To all web3 users,
It looks like this vulnerability is affecting multiple dapps across the whole EVM ecosystem. It is very risky to interact with any dapps until the issue is properly addressed.

Stay safe out there! https://t.co/kFykLW4lWm

— Linea (@LineaBuild) December 14, 2023

The Linea team from Consensys, responsible for a zero-knowledge rollup, indicated that the assault on Ledger’s connector library might have broader implications for the entire EVM ecosystem. This library plays a pivotal role in facilitating communication between Ledger hardware and various DApps.

The attack unfolded when a former Ledger employee fell victim to a phishing attack, leading to the compromise of their NPMJS account. The attacker exploited this compromise to release a malicious version of the Ledger Connect Kit, affecting versions 1.1.5, 1.1.6, and 1.1.7. The rogue code utilized a counterfeit WalletConnect project to redirect funds to a hacker-controlled wallet.

Wallet providers and protocols such as Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash were also affected. CertiK, a blockchain security firm, warned that any DApp importing the Ledger CDN would automatically execute the malicious code, compelling victims to connect via any supported wallet.
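For teams that bundle the library rather than load it from the CDN, the affected versions named above can be checked against a project's lockfile. The following is an added example, not code from Ledger or from this article; it assumes the npm package name is `@ledgerhq/connect-kit` (the article does not give it), and `some-dapp-sdk` is a hypothetical dependency in a constructed sample.

```javascript
// Flags package-lock.json entries resolving to the Ledger Connect Kit versions
// the article lists as malicious. Assumption: package name below is not from the article.
const PACKAGE_NAME = "@ledgerhq/connect-kit";
const BAD_VERSIONS = new Set(["1.1.5", "1.1.6", "1.1.7"]);

// Accepts a parsed package-lock.json (lockfileVersion 1, 2 or 3) and returns
// one finding per affected install location, including transitive copies.
function findAffectedInstalls(lock) {
  const findings = [];
  const seen = new Set();
  const record = (location, version) => {
    if (!BAD_VERSIONS.has(version) || seen.has(location)) return;
    seen.add(location);
    findings.push({ location, version });
  };
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === `node_modules/${PACKAGE_NAME}` || path.endsWith(`/node_modules/${PACKAGE_NAME}`)) {
      record(path, meta.version);
    }
  }
  // lockfileVersion 1 (and the v2 compatibility copy): nested "dependencies" tree.
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const location = `${prefix}node_modules/${name}`;
      if (name === PACKAGE_NAME) record(location, meta.version);
      walk(meta.dependencies, `${location}/`);
    }
  };
  walk(lock.dependencies, "");
  return findings;
}

// Constructed sample: a patched top-level copy and an affected transitive copy
// pulled in by the hypothetical "some-dapp-sdk".
const sampleLock = {
  lockfileVersion: 2,
  packages: {
    "node_modules/@ledgerhq/connect-kit": { version: "1.1.8" },
    "node_modules/some-dapp-sdk/node_modules/@ledgerhq/connect-kit": { version: "1.1.6" },
  },
  dependencies: {
    "@ledgerhq/connect-kit": { version: "1.1.8" },
    "some-dapp-sdk": { version: "2.0.0", dependencies: { "@ledgerhq/connect-kit": { version: "1.1.6" } } },
  },
};
console.log(findAffectedInstalls(sampleLock));
```

A clean lockfile only covers copies installed from npm; per CertiK's warning, a DApp that imports the library from the Ledger CDN runs whatever version the CDN serves at load time.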

FINAL TIMELINE AND UPDATE TO CUSTOMERS:

4:49pm CET:

Ledger Connect Kit genuine version 1.1.8 is being propagated now automatically. We recommend waiting 24 hours until using the Ledger Connect Kit again.

The investigation continues, here is the timeline of what we know about…

— Ledger (@Ledger) December 14, 2023

Ledger promptly addressed the issue, releasing a patch approximately 40 minutes after its discovery. However, as a precautionary measure, the company advised users to refrain from using its Ledger Connect Kit for 24 hours.

The scale of the security breach could be significant, with blockchain analytics platform Lookonchain estimating the stolen assets at nearly $484,000. Ledger acknowledged the potential for a broader impact and emphasized the need for users to exercise caution during the specified waiting period before resuming the use of Ledger Connect Kit.

Wasif Shakir
