'%20x='0'%20y='0'%20height='100%25'%20width='100%25'%20%0A%20%20%20%20%20%20%20%20%20%20xlink%3Ahref='data:image/jpg;base64,/9j/2wBDAAYEBQYFBAYGBQYHBwYIChAKCgkJChQODwwQFxQYGBcUFhYaHSUfGhsjHBYWICwgIyYnKSopGR8tMC0oMCUoKSj/2wBDAQcHBwoIChMKChMoGhYaKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCgoKCj/wgARCAAGAAoDASIAAhEBAxEB/8QAFgABAQEAAAAAAAAAAAAAAAAAAAMI/8QAFAEBAAAAAAAAAAAAAAAAAAAAAP/aAAwDAQACEAMQAAAAzDEP/8QAHBAAAgICAwAAAAAAAAAAAAAAAgMBEQASBCFR/9oACAEBAAE/AFEoOOxbAtpXqWsTXWQovYz/xAAUEQEAAAAAAAAAAAAAAAAAAAAA/9oACAECAQE/AH//xAAUEQEAAAAAAAAAAAAAAAAAAAAA/9oACAEDAQE/AH//2Q=='%3E%3C/image%3E%3C/svg%3E)
On December 14, 2023, the security system of various decentralized applications using Ledger's connector library was affected after the latter was hacked. The security compromise could bring a change to the apps, due to which, users might end up sending cash to the hackers instead of sending it directly to the wallets.
Decentralized application refers to an app using blockchain or distributed ledger technologies where users can make transactions without depending on a "centralized intermediary," as per Hedera.
According to CoinDesk, cryptocurrencies worth $150,000 were lost because of the hack, which was called a "supply chain attack." The Crypto Times stated that the reason behind the hack was a malicious code that allowed the unauthorized fund transfers, and a few users reported losses of around $600,000.
Unchained reported that, as per the details revealed by some users, a malicious window frequently appeared when they "interacted with the interface" of the apps, and they lost their crypto after linking the wallets.
Twitter flooded with memes after Ledger's security system gets compromised
While Ledger's security system was compromised recently due to a hack, the exact number of victims affected by it has not been disclosed. However, the company shared a post on X (formerly Twitter), writing that the "malicious version of the Ledger Connect Kit" was removed.
They further stated:
"A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. Wе will kееp you informеd as thе situation еvolvеs."
Thе company additionally shared that thеy would rеvеal morе dеtails about thе hack as soon as possible. The malicious file led to huge losses, and there was a line-up of memes on X, where people used GIFs to express their criticism.
A few decentralized apps also informed the users of the attack so that they could be safe, including SushiWap. The official page of the app on X shared a post regarding the same, saying that the ledger connector was "compromised" and added:
"If you have the Sushi page open and see an unexpected 'Connect Wallet' pop-up, do not interact or connect your wallet."
People were advised to avoid using the crypto applications until a solution could be discovered for removing the malicious file. After the file was removed, Ledger also asked people to "Clear Sign" the transactions and discontinue the transaction if the malicious pop-up window appeared again.
Crypto apps advise users to avoid using the apps for sometime
Ledger's security compromise caused a lot of problems for crypto users. While the problem has been solved, a few people have advised others to avoid transactions on the app for some time until the entire thing is sorted out properly.
Polygon Labs VP Hudson Jameson also shared a post on X and mentioned a few steps, advising people to "not interact with any dapp front ends on websites." He also explained how the money is sent to the hackers and wrote:
"If you visit the website you won't get automatically drained or your funds. However, prompts from your browser wallet (like MM) will display that give your assets to the malicious actors."
The company has previously been a victim of a similar incident in 2020, where an email in disguise of their support tried to steal the data of multiple customers.
