Ledger Library Confirmed Compromised and Replaced with Drainer
According to on-chain detective ZachXBT, the Ledger Library, an integral part of many decentralized applications (dApps), has been confirmed compromised. The library was reportedly replaced with a 'drainer', a malicious component specifically designed to surreptitiously divert resources or data.
The Ledger Library compromise was a serious security breach that affected many decentralized applications (dApps) and potentially put users' crypto funds at risk. Here's what you need to know about it:
What happened:
- The Ledger Connect Kit, a library used by many dApps for interacting with Ledger hardware wallets, was compromised.
- A malicious version of the library was uploaded to a content delivery network (CDN) used by these dApps.
- This malicious library contained a "drainer" that could steal users' funds if they interacted with the compromised dApp.
Timeline:
- The compromise was discovered on December 15, 2023.
- Ledger confirmed the vulnerability and replaced the malicious library with a genuine version within a few hours.
- However, some users might have interacted with the compromised library before it was fixed, potentially putting their funds at risk.
Impact:
- The full extent of the damage is still unknown, but several dApps were confirmed to be affected.
- Users who interacted with these dApps while the malicious library was active may have had their funds stolen.
Recommendations:
- Ledger recommends that users avoid interacting with any dApps until the situation is fully resolved.
- Users who suspect their funds might be at risk should contact the affected dApp or Ledger support immediately.
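For dApp developers, the CDN replacement described under "What happened" is the case that Subresource Integrity and exact version pinning are meant to catch. The following audit is an added example, not code from Ledger or any affected dApp; it assumes the library is loaded through a `<script>` tag, and the package name, hosts and file contents are constructed placeholders.

```python
import base64, hashlib, re
from html.parser import HTMLParser
from urllib.parse import urlparse

def sri_sha384(data: bytes) -> str:
    """Return the Subresource Integrity value for a file's bytes."""
    return "sha384-" + base64.b64encode(hashlib.sha384(data).digest()).decode()

def matches_sri(data: bytes, integrity: str) -> bool:
    """True if data matches any sha384 hash listed in an integrity attribute."""
    return sri_sha384(data) in integrity.split()

# Exact x.y.z after '@'. Ranges such as '@1' or '@latest' follow new uploads.
PINNED = re.compile(r"@\d+\.\d+\.\d+(?=/|$)")

class ScriptAudit(HTMLParser):
    def __init__(self, own_host):
        super().__init__()
        self.own_host, self.findings = own_host, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        src = a.get("src")
        if tag != "script" or not src:
            return
        host = urlparse(src).netloc
        if not host or host == self.own_host:
            return  # same-origin script, out of scope for this check
        if not a.get("integrity"):
            self.findings.append((src, "no integrity attribute"))
        if not PINNED.search(urlparse(src).path):
            self.findings.append((src, "version not pinned exactly"))

def audit(html, own_host):
    parser = ScriptAudit(own_host)
    parser.feed(html)
    return parser.findings

# Constructed sample data: hypothetical package, CDN host and file contents.
GOOD = b"export const connect = () => 'wallet';"
TAMPERED = GOOD + b"/* constructed stand-in for a replaced file */"
PAGE = f"""
<script src="https://cdn.example/npm/example-connect-kit@1"></script>
<script src="https://cdn.example/npm/example-connect-kit@1.0.3/index.js"
        integrity="{sri_sha384(GOOD)}" crossorigin="anonymous"></script>
<script src="/static/app.js"></script>
"""

if __name__ == "__main__":
    for src, issue in audit(PAGE, "dapp.example"):
        print(f"{issue}: {src}")
    print("tampered file accepted:", matches_sri(TAMPERED, sri_sha384(GOOD)))
```

A browser enforcing the `integrity` attribute refuses to run a file whose hash differs, so a swapped CDN file fails to load instead of executing.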