- Per recent reports, Tether has officially frozen the addresses of hackers who have siphoned more than $400,000.
- Users of the Ledger platform have been advised to refrain from using Web3 dApps in the meantime.
Amidst ongoing security concerns, Tether has placed restrictions on the wallets of the attackers responsible for exploiting the Ledger network.
According to Paolo Ardoino, the Chief Security Officer of Tether, the attacker’s addresses have been frozen. This will make it impossible for them to gain access to the funds connected to the recent attack carried out on the Ledger platform.
Tether just froze the Ledger exploiter address
— Paolo Ardoino 🍐 (@paoloardoino) December 14, 2023
It bears mentioning that while the attackers will no longer be able to carry out any USDT-related transactions using the wallet address, they might still be able to carry out transactions relating to other digital assets.
As more internal security checks were being carried out, it was discovered that the attacker’s wallet had interacted with a known phishing group dubbed “AngelDrainer.” While most of the interactions are unknown, a transaction involving 4.334 ETH was recorded.
Ledger users have been advised to proceed with caution following the recent security breach. Users are cautioned against using web3 dApps.
As previously reported, the Ledger ConnectKit library which is utilized by the Ledger hardware wallet was attacked by hackers. Users of the Ledger platform were affected by the attack, as hackers installed malicious code into the wallets of unsuspecting users. This eventually compromised the front ends of a handful of DeFi protocols.
🚨Please be aware of on-going phishing and scams.🚨
We only have two genuine social media accounts, @ledger and @ledger_support.
The rest are all fake accounts.
— Ledger (@Ledger) December 14, 2023
The attacker’s address was credited with multiple digital assets totaling $483,000. Data from DeBank, a leading wallet analytics platform revealed that the wallet also received $44,000 worth of USDT.
Sushi community members advised against using dApps
Aside from creating hardware wallets for cryptocurrency users, Ledger serves the DeFi industry by providing Lido, Metamask, and Coinbase with the Connect Kit software used to integrate its products into decentralized applications (dapps).
Speaking on the recent development was Matthew Lilley, the CTO of Sushi, who advised users to not interact with ANY dApps until further notice. Matthew Lilley added;
It appears that a commonly used web3 connector has been compromised, which allows for injection of malicious code affecting numerous dApps.
🚨 Urgent Security Alert 🚨
We've identified a critical issue the ledger connector has been compromised, potentially allowing the injection of malicious code affecting various dApps.
🔴 If you have the Sushi page open and see an unexpected 'Connect Wallet' pop-up, DO NOT… https://t.co/alGVbnPfHW
— Sushi.com (@SushiSwap) December 14, 2023
In an official blog post, Sushi informed its community members of the situation. Users were firmly warned to not interact or connect with their wallet if they saw a ‘Connect Wallet’ pop-up on their Sushi page.
Ledger has since disclosed that the malicious version of the Ledger Connect Kit is being scrapped and will be replaced. Users are being reassured of the safety of their funds. Ledger devices, as Ledger claims that nothing has been compromised thus far. They are also being advised to keep an eye out for an update as the situation evolves.
“We’re studying the exploit to avoid further attacks. We believe the attacker’s address where the funds were drained is here: 0x658729879fca881d9526480b82ae00efc54b5c2d” Ledger wrote, in an update shared to X.
Subscribe to our daily newsletter!
No spam, no lies, only insights. You can unsubscribe at any time.
