Ledger Connect Kit Compromised in Phishing Attack, Affecting Multiple dApps

December 15th, 2023
Ledger's Connect Kit library, crucial for Ethereum-based dApps, faced a security breach today. A phishing attack on a former employee led to the injection of malicious code, putting users' tokens at risk. The exploit impacted various dApps, including SushiSwap and Phantom. Ledger has now rectified the issue, replacing the compromised library and enhancing security measures. Estimated losses are around $504k, impacting about 180 wallets across multiple blockchains.
X

This field is for validation purposes and should be left unchanged.
X