April 29, 2025

  • December 16, 2023

The company, which is considered a major reference in crypto security, had a 2023 to forget. After the controversy over Ledger Recover, there is now an even more serious problem: its connected systems have been compromised.

A security breach in Ledger Connect Kit. The company itself officially reported the hack. What is known is that on December 14, Ledger suffered an exploit in the Ledger Connect Kit, a JavaScript library that connects websites to Ledger wallets.

The attack affected third parties that used this kit for synchronization, but it did not affect cold wallets. As Ledger explains, the industry cooperated to neutralize the attack and freeze the stolen funds.

It is unknown how much was stolen. It is still unclear how many decentralized applications were affected. Some firms, like Blockaid, report losses of at least $150,000 in crypto. According to ZachXBT, approximately $610,000 was reportedly lost. The figure can vary greatly depending on the users affected.

Ledger does not provide specific information about the cryptocurrencies affected, but confirms that the exploit was active for less than two hours. A short period of time, but long enough to steal a large amount of cryptocurrency.

It’s a problem with centralization. Hacks are common in the crypto world and should be understood as one of the disadvantages of decentralized systems. Because there are so many third-party services and applications, it is common for not all updates to be checked and tested properly, simply because of limited resources and the number of people involved.

The origin: an employee was a phishing victim. This is the most common technique for carrying out a hack: infiltrating internal systems by phishing an employee with access to certain features. That is also what happened at Ledger, as stated by the company itself.

This vulnerability was the result of deceiving a former employee; it allowed attackers to upload a malicious file to Ledger’s internal tool that checks JavaScript code between applications. Once detected, it took 40 minutes for the code to be deactivated and the tools updated.

The 1% that overshadows all the work. Ledger describes what happened as an “unfortunate, isolated incident.” The company explains that for 99% of its internal processes, no single person can upload code to its systems; code is reviewed by multiple teams and is subject to strict security controls. At the same time, Ledger recognizes that it must continue to raise its standards.

Ledger explains that it has already started to cooperate with the authorities to investigate this issue and will work to return the stolen financial assets.


Source: Xataka
