On December 14, Ledger, the company that makes physical crypto wallets that look similar to USB drives or other storage devices, saw its Ledger Connect Kit software compromised, leading to hundreds of dollars being drained from users’ wallets. In this article, we explore in depth what went wrong.
Ledger Hardware Wallet Got Hacked – What Went Wrong?
Blockaid, a renowned crypto security startup, was the first security firm to detect a malicious exploit on Ledger Connect. It wrote, “we’ve detected a potential supply chain attack on Ledger connect kit. The attacker has injected a wallet-draining payload into the popular NPM package. This heist currently affects a couple of popular dapps.” But what went wrong?
🚨 We've detected a potential supply chain attack on ledgerconnect kit 🚨
The attacker injected a wallet draining payload into the popular NPM package.
This currently affects a couple of popular dapps including but not limited to https://t.co/2QJmKIGv9T
— Blockaid (@blockaid_) December 14, 2023
Ledger started its journey in 2014. The firm was launched by a team of crypto experts with complementary backgrounds to secure the blockchain revolution. Ledger has over 700 employees across 8 offices, including Paris, Vierzon, London, Portland, Singapore, and more.
Since its inception, Ledger has emerged as one of the most trusted makers of crypto security devices, gaining the trust of millions of users. Its devices are powered by the Secure Element chip and Ledger’s proprietary OS, battle-tested for years by security experts.
In a short statement, Ledger explained that the exploit originated from a phishing attack that targeted a former employee. The hacker published malicious code that rerouted user funds to their own wallet during transactions with decentralized applications, or dapps, that used the affected software.
🚨Please be aware of on-going phishing and scams.🚨
We only have two genuine social media accounts, @ledger and @ledger_support.
The rest are all fake accounts.
— Ledger (@Ledger) December 14, 2023
Ledger said the malicious code was live for around five hours. Its security experts were able to deactivate the malicious code and replace the affected Ledger Connect Kit with a new and more secure version.
Based on Blockaid’s estimate, anywhere from 500 to 1000 crypto wallets were compromised, leading to more than $500,000 being stolen from crypto and NFT users. Commenting on the hack in a short interview, Raz Niv, co-founder and chief technology officer of Blockaid, said that the hack was not specific to Ledger customers and that users of various hardware and software wallets from other providers were also impacted.
Ledger CEO Describes The Hack As An ‘Isolated Incident’
In a subsequent blog post, Pascal Gauthier, the chairman and chief executive officer of Ledger, expressed sympathy for all affected users, vowing to do what it takes to “find this bad actor, bring them to justice.” He said the hack of Ledger’s JavaScript connector library was an “isolated incident” and promised more robust security controls.
My personal commitment: Ledger will dedicate as much internal and external resources as possible to help the affected individuals recover their assets.
— Pascal Gauthier @Ledger (@_pgauthier) December 14, 2023
The recent security breach is another black eye for Ledger, which received massive criticism in May for a new security tool that many users argued was antithetical to the basic tenets of crypto. The Ledger hack also reflects the persistence of security attacks in the crypto industry, which saw crypto projects lose $1.7 billion to exploits in 2023, according to data from analytics firm TRM Labs.