- The Chairman and CEO of Ledger, Pascal Gauthier, alerted its users that they “identified and removed a malicious version of the Ledger Connect Kit.”
- Gauthier further warned users not to interact with any dApps for the moment.
- The CTO of Sushi also mentioned that any dApp that utilizes LedgerHQ/connect-kit is vulnerable.
The Chairman and CEO of Ledger, Pascal Gauthier, recently took to X (formerly Twitter) to alert its users that they “identified and removed a malicious version of the Ledger Connect Kit.” Gauthier further warned users not to interact with any dApps for the moment and promised to inform them about any further developments.
Gauthier made this post while sharing Ledger’s warning on X. In that warning, Ledger, a prominent self-custody crypto wallet company, said that a genuine version is now being pushed to replace the malicious file. Regarding the latest attack, the crypto wallet company guarantees that the Ledger device and Ledger Live “were not compromised.”
Several companies have already pointed out this malicious site, desperately trying to warn their users about this hidden attack. The crypto community first heard about it from Sushi’s CTO, who stated:
“Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps.”
The CTO of Sushi also mentioned that any dApp that utilizes LedgerHQ/connect-kit is vulnerable. The executive further warned that “this isn’t a single isolated attack; it’s a large-scale attack on multiple dApps.”
Several users and organizations have complained that a malicious Connect Wallet popup opens on top of the actual modal window. CertiK Alert also mentioned that at least $250,000 has been stolen. A few minutes later, CertiK Alert posted an update saying that the loss across five chains had increased to at least $450,000. The actual loss over such a short amount of time is yet to be determined.