Hackers Steal $484K from Ledger’s GitHub Library



Key Takeaways

  • Hackers targeted Ledger’s GitHub library, stealing $484,000 by affecting DeFi protocols.
  • Users advised to avoid dApps as multiple protocols, including MetaMask and Coinbase, remain at risk.

Major Breach in Crypto Wallet Software

In a significant cybersecurity incident, hackers stole $484,000 on Thursday by injecting malicious code into the GitHub library of Connect Kit, blockchain software developed by Ledger. The breach has affected several major decentralized finance (DeFi) protocols, prompting a widespread alert for users to refrain from using decentralized apps (dApps) until further notice.

Ledger’s Connect Kit Compromised

Ledger’s Connect Kit, crucial for linking DeFi protocols to crypto hardware wallets, became the hackers’ target. The vulnerability endangered the front end of every protocol using the Connect Kit, including prominent ones like Sushi, Lido, MetaMask, and Coinbase. The incident began with a phishing attack on a Ledger employee, which led to the malicious update of the Connect Kit.

Quick Response but Continued Risks

Ledger acted swiftly, identifying and removing the malicious version of its Connect Kit. However, the brief window of two hours before the fix was enough for significant funds to be drained. Despite Ledger’s update, many websites using the Connect Kit remain vulnerable, with users still experiencing attacks. Complete mitigation of the risk requires each protocol using the Connect Kit to update its library version manually.

DeFi Protocols and Users at Risk

Protocols like, used for withdrawing permissions from DeFi protocols, are particularly vulnerable. Users are strongly advised against interacting with to avoid further losses. The nature of this exploit exposes the inherent fragility of decentralized applications, where reliance on external software providers like Ledger creates multiple potential points of failure.

DeFi’s Security Concerns Amplified

This breach highlights the ongoing security challenges within the DeFi sector. Frequent hacks have plagued the year, with July alone witnessing $303 million stolen in separate incidents. The current exploit differs as it affects website front-ends rather than user wallets directly, broadening the attack’s scope.

