Crypto Community Reacts to Ledger Connect Hack Affecting Decentralized Apps
Summary:
Cryptocurrency community members reacted to the Ledger Connect Kit exploit, which affected numerous decentralized applications. The hack, which took place on Dec. 14, saw several major apps breached and at least $484,000 in crypto assets stolen. Ledger's CEO described the incident as isolated and assured of collaboration with law enforcement to find the perpetrator. Despite the company's reassurances, certain community members urged caution and suggested switching to other wallet platforms. Discourse on the situation includes references to Ledger's 2020 security breach, a perceived disregard for operational safety, and calls for increased transparency through open-sourcing all processes.
Members of the cryptocurrency realm have shared their reactions to the Ledger Connect Kit exploit that impacted many decentralized applications (DApps) in the Web3 domain. On Dec. 14, a cybercriminal manipulated Ledger's connector to assault the interface of various DApps. Major applications such as SushiSwap, Phantom and Revoke.cash fell victim to the breach, which saw the theft of a minimum of $484,000 in cryptocurrency assets. Ledger mitigated the issue three hours after the initial attack alerts. Pascal Gauthier, the company's CEO, categorized it as a solitary occurrence and mentioned collaboration with the pertinent law enforcement entities to track and apprehend the hacker. Ledger refuted that it was a repeated event. However, a warning to Web3 users about the potential effect on the entire Ethereum Virtual Machine (EVM) system was issued by Linea, a zero-knowledge rollup from Consensys.
In the aftermath of the event, community members voiced their views about the Ledger incident on platform X (previously known as Twitter). Some suggested switching to different wallet platforms, while others pressed Ledger to make all their processes open-source.
On Dec. 15, a Bitcoin (BTC) proponent, Brad Mills, advised his X audience to utilize Bitcoin-exclusive hardware engineered by Bitcoin professionals for safeguarding BTC. Mills encouraged community members to dissuade friends from using hardware wallets Ledger or Trezor to enter the realm of BTC. A past incident in 2020 saw Ledger being compromised leading to the revelation of user data like home details, contact numbers, and email accounts. Against this backdrop, Ethereum Name Service developer, Nick Johnson, posted that no one should endorse their hardware or utilize their libraries, referring to Ledger's history of breaches.
Johnson asserted that the disregard shown by Ledger towards operational security was habitual and that they didn't warrant any further chances for improvement. Concurrently, a crypto trader and analyst, Krillin, criticized Ledger for focusing on eliminating negative remarks from their posts on X for an entire day.
During the Dec. 14 breach, a former Ledger employee became the victim of a phishing exploit that allowed the intruder entry to the worker's computer. The employee's node package manager JavaScript account was breached, causing the hack.
In light of the hack, a community member suggested that Ledger should "open-source everything," and let the community act as their "surgeon" in recovery. On May 24, Ledger made a public announcement stating that a substantial part of their applications were now open-source, and emphasized their commitment to further open up their coding process. As per community members, transparency is crucial and not a mere luxury, and they believe that restoring trust necessitates frankness rather than concealed assurances.
Published At
12/15/2023 7:25:44 PM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.