An industry-wide exploit related to Connect Kit from Ledger has triggered concerns in the decentralized finance (DeFi) space, leading to a warning from Sushi’s Chief Technology Officer (CTO). The exploit, which involves compromising the front end of websites or applications, poses a significant threat to users, prompting caution against interacting with any decentralized applications (dApps) until further notice.
Ledger stated: "We have identified and removed a malicious version of the Ledger Connect Kit. A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves."
Ledger, known for its hardware wallets, provides the Connect Kit software utilized by various DeFi protocols, including Lido, MetaMask, Coinbase, and Sushi. The compromise of Ledger’s Connect Kit raises concerns about the security of decentralized applications connected to Ledger’s products. The exploit allows hackers to manipulate the front end of websites, potentially leading users to unintentionally send funds to malicious actors.
Sushi CTO’s Warning and Industry-Wide Impact
Sushi’s CTO, Matthew Lilley, issued a stark warning, advising users not to interact with any dApps until further notice. The compromise of a commonly used web3 connector has implications for numerous dApps, with the potential for injection of malicious code affecting users across the DeFi landscape. The warning emphasizes the severity of the exploit and the need for a temporary halt in dApp interactions.
Exploit Mechanism: Pop-Up Wallet Connection and Token Drain
Reports indicate that the exploit involves a pop-up prompt urging users to connect their wallets, triggering a token draining mechanism. The compromise in the Connect Kit’s functionality allows hackers to manipulate user interfaces, leading to unintended financial transactions. The impact extends beyond Sushi, with issues reported on other DeFi platforms, including Zapper and RevokeCash.
Ledger Responses: Post-Mortem and Remediation Steps
Ledger responded to the exploit by publishing a post-mortem on the incident, revealing that a former Ledger employee fell victim to a phishing attack, enabling a hacker to insert malicious code into the Connect Kit. The compromised code has been identified and removed, with Ledger pushing an authentic version to replace the malicious file. Users are advised to refrain from interacting with any dApps temporarily.
Heightened Vigilance in the DeFi Space
The recent exploit highlights the vulnerability of DeFi protocols to security breaches, emphasizing the need for heightened vigilance among users and industry stakeholders. The incident serves as a reminder of the evolving threat landscape in the crypto space and the importance of prompt responses and cautionary measures to safeguard users against potential risks.