Compra criptomonedas
Pagar con
USD
USD
Compra y venta
Hot
Acepta Visa, MasterCard, SEPA y más
P2P
0 Fees
Trading flexible y sin tarifas
Gate Card
Paga con tus cripto en todo el mundo
Mercados
Operar
Básico
Avanzado
Futuros
Contrato
Accede a cientos de contratos perpetuos
TradFi
Oro
Plataforma global de activos tradicionales
Opciones
Hot
Opera con opciones estándar al estilo europeo
Cuenta unificada
Maximiza la eficacia de tu capital
Trading de prueba
Introducción al trading de futuros
Prepárate para operar con futuros
Eventos de futuros
Únete a eventos para ganar recompensas
Trading de prueba
Usa fondos virtuales para probar el trading sin asumir riesgos
Earn
Lanzamiento
CandyDrop
tag
Acumula golosinas para ganar airdrops
Launchpool
Staking rápido, ¡gana nuevos tokens con potencial!
HODLer Airdrop
Holdea GT y consigue airdrops enormes gratis
Launchpad
Anticípate a los demás en el próximo gran proyecto de tokens
Puntos Alpha
Opera activos on-chain y recibe airdrops
Puntos de futuros
Gana puntos de futuros y reclama recompensas de airdrop
Inversión
Momentos
Square
Descubra el valor en criptomonedas
En vivo
moments live
Análisis del mercado de criptomonedas en tiempo real
Chat
Chatea con traders de criptomonedas
Noticias
Lo que está ocurriendo en el mundo de las criptomonedas
flower_head
Más
Promociones
AI
Otros
TradFi
Centro de Recompensas
Plaza
Más recientes
Populares
Noticias
Perfil

Ledger ex-staff phished in library compromise

crypto.newsvip

The hard wallet maker said a former employee fell victim to a phishing scam, which allowed a hacker to access the library and steal $480,000 in crypto.

Ledger’s chairman and CEO, Pascal Gauthier, attested to an exploit on Ledger Connect Kit, a Java library to connect Web sites to wallets on several defi platforms. Gauthier’s letter said the incident was isolated to third-party applications and stressed that Ledger’s hard wallet products remained unaffected.

The standard practice at Ledger is that no single person can deploy code without review by multiple parties. We have strong access controls, internal reviews, and multi-signature code when it comes to most parts of our development. This is the case in 99% of our internal s. Any employee who leaves the company has their access revoked from every Ledger .

Pascal Gauthier, chairman and CEO, Ledger

However, Gauthier confirmed that an ex-staff was hacked by a phishing scammer who then used compromised account access to publish a rogue WalletConnect project. This allowed bad actors to reroute user funds

The Dec. 14 exploit affected several defi apps like SushiSwap and Revoke.cash, crypto.news reported.

Ledger’s update on the issue verified observations made by crypto participants on social media. One user identified a GitHub account linked to an ex-Ledger developer, Junichi Sugiura. Gauthier’s post did not identify the former employee, and Sugiura had not replied to requests for comments

Tether froze an address linked to the hacker, according to CTO Paolo Ardoino. Meanwhile, CertiK reported ERC-20 transactions made by wallets likely affiliated with the exploiter.

The exploit marked the second time in two months that phishers have leveraged Ledger to steal user funds. In November, crypto investigator ZachXBT warned users of a fake Ledger Live app on the official Microsoft app store. The fraudulent app siphoned Bitcoin (BTC) and Ether (ETH) worth $768,000.

Esta página puede contener contenido de terceros, que se proporciona únicamente con fines informativos (sin garantías ni declaraciones) y no debe considerarse como un respaldo por parte de Gate a las opiniones expresadas ni como asesoramiento financiero o profesional. Consulte el Descargo de responsabilidad para obtener más detalles.
  • Recompensa
  • Comentar
  • Republicar
  • Compartir
Comentar
Añadir un comentario
Añadir un comentario
Sin comentarios

  • Anclado

Mapa del sitio