Pages:
Author

Topic: Ledger library possibly compromised - page 2. (Read 262 times)

hero member
Activity: 2366
Merit: 793
Bitcoin = Financial freedom
December 14, 2023, 09:41:43 AM
#2
Ledger claims that they removed the malicious file.



Link to twitter post

Attackers have managed to compromise a significant number of libraries by targeting just the connect-kit. Ledger identifies version 1.1.4 as the last known safe release but considers all releases up to 1.1.7, posted on the day of the attack, as compromised.

Ledger ConnectKit Library Compromised with a Drainer, Posing Security Risks to Web3 Apps

Ledger is already messed up a lot and now one more to add in that list.
legendary
Activity: 2898
Merit: 1823
December 14, 2023, 09:34:05 AM
#1
A friend of mine texted me that, Ledger users should stay alert and STOP using your Ledger hardware wallets for connecting to "DAPPs". Many users believe that there's a security issue in Ledger's ConnectKit library. It's possible that DAPPs that use the library could allow an exploit, that steals your coins, injected in their very own protocols.
Pages:
Jump to: