Ledger Fixes Connector Library Issue Causing Exploits


On December 14, the front ends of many DApps (decentralized apps) that used Ledger’s connector—Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash—were hacked. Ledger said that the malicious version of the file was replaced with the legitimate version at 1:35 pm UTC, over three hours after the security issue was identified. In addition to cautioning users “to always Clear Sign” transactions, Ledger states that the addresses and data displayed on the Ledger device's screen are the only authentic source of information. “Stop that transaction right away if there is a discrepancy between the screen displayed on your device and the screen on your computer or phone.”

Ledger Has Been Accused Of Continuous Susceptibility And Hacking

SushiSwap chief technology officer Matthew Lilley was one of the first to notice the problem, pointing out that malicious code may be injected into several DApps due to a misconfigured Web3 adapter. On-chain analysis of the library confirmed the hack, in which the vulnerable code introduced a drainer account address.

Lilley held Ledger accountable for the continuing vulnerability and the hacking of several DApps. According to the executive, the JavaScript was loaded through a compromised network connected to Ledger's content delivery network. Ledger maintains the connector library, which is used by several DApps.

The injected wallet drainer does not remove funds from a user’s account automatically. Instead, prompts from a web-based wallet such as MetaMask will appear and may allow malicious actors to access the user's assets. Lilley advised customers not to use any DApps that use the connector. Lilley also said that the “connect-kit” library is vulnerable and that this is a widespread attack affecting several DApps rather than a single, isolated incident.