Cryptocurrency wallet Ledger hacked in ‘isolated incident’

Cryptocurrency wallet Ledger hacked in 'isolated incident'

Ledger CEO Pascal Gauthier doesn’t believe a hack on Thursday did much damage

Ledger CEO Pascal Gauthier recently addressed the wallet’s December 14 hack, saying in a company blog post that it is working with authorities to “find this bad actor, bring them to justice.” He stated that the hack of Ledger’s Javascript connector library was an “isolated incident” and pledged there would be stronger security control moving forward.

Gauthier said the exploit was halted within 40 minutes after it was discovered, running for less than two hours and confined to third-party decentralized applications (DApps). He said a former employee who was the victim of a phishing scam made the breach possible and that their identity was supposedly left behind in the hacked code. The Ledger Live platform and Ledger hardware were not impacted.

“The standard practice at Ledger is that no single person can deploy code without review by multiple parties. We have strong access controls, internal reviews, and code multi-signatures when it comes to most parts of our development. This is the case in 99% of our internal systems. Any employee who leaves the company has their access revoked from every Ledger system,” he added.

Gauthier called the hack “an unfortunate isolated incident,” vowing that in the future, “Ledger will implement stronger security controls, connecting our build pipeline that implements strict software supply chain security to the NPM distribution channel.”

This kind of breach could happen to others, Gauthier said, adding that Ledger Connect Kit 1.1.8 is secure and ready for use. He also thanked Tether, Chainalysis, WalletConnect and ZachXBT for their assistance.

The extent of the hack was initially evaluated at $484,000, but Blockaid, a Web3 security service, later said the total had grown to $504,000 by 8 PM UTC. Ledger added that any Ethereum Virtual Machine user who interacted with DApps could also be affected.

Secure Banking

Safer Gambling

Our Responsible Gambling program makes sure every player is of legal age and also gives you the option to self-exclude for a time period from our tables, sportsbook or casino.

Need Help?


Maximize your income through our affiliate marketing. Learn more >
Copyright © 2024 | | T&Cs | All Rights Reserved

Select the software version that is right for your Mac

How to find my chip architecture?