What We Know About the Massive Ledger Hack

The latest crypto exploit, affecting security firm Ledger and a number of popular DeFi protocols, is a moment of levity for some.

Dec 14, 2023 at 4:47 p.m. UTC
Updated Jan 26, 2024 at 4:11 p.m. UTC

Multiple Ethereum-based applications including Zapper, SushiSwap, Phantom, Balancer and Revoke.cash were compromised early Thursday due to a Ledger security breach. Ledger, the Paris-based crypto hardware wallet manufacturer, said it has fixed the malicious code as of 13:35 UTC — the company also warned users to “Clear Sign” transactions, a way to ensure you are interacting directly with the company’s website and software.

It’s not yet known how many decentralized apps (dapps) were/are affected, or how much money has been lost. Anecdotal reports on social media suggest the exploit is widespread. Blockaid, a blockchain security firm, said upwards of $150,000 in crypto had been lost due to this unique “supply chain attack” on Ledger’s Connect Kit, which is deployed across the decentralized finance (DeFi) ecosystem.

This is an excerpt from The Node newsletter, a daily roundup of the most pivotal crypto news on CoinDesk and beyond.

“Do not interact with ANY dApps until further notice,” Sushi Chief Technology Officer Matthew Lilley, one of the first people to acknowledge the attack, wrote on X/Twitter. “It appears that a commonly used Web3 connector has been compromised, which allows for injection of malicious code affecting numerous dApps.”

Hacks are a common occurrence in crypto, especially in the free-wheeling world of decentralized finance (DeFi), where financial software is frequently deployed without the appropriate level of auditing and testing, and used by people without the knowledge to do proper due diligence. Centralized entities, aka companies, like Ledger, are also common targets for assaults.

These types of breaches are a stain on the industry, affecting not only actual people and projects but also crypto’s reputation. Internet pioneer and security expert Steve Gibson keeps up with the litany of crypto hacks on the popular podcast “Security Now,” which he co-hosts with fellow tech legend Leo Laporte, and recently said any industry where there is a running tally of the largest hacks should be treated with extreme skepticism.

Still, there is sometimes a silver lining to crypto exploits. These events, however blackening, can also be moments of levity, and a chance for seasoned crypto professionals to showcase their skills and the built-in benefits of blockchain. Most crypto transactions cannot be reversed, but attackers can end up at a dead end when trying to actually capitalize on their ill-gotten gains.

Tether, the largest stablecoin issuer, for instance, announced it froze the exploiter's address hours after the hack, which speaks to the ability of on-chain sleuths to track down and put pressure on attackers.

So, is it too soon to laugh about it? Just last week, CoinDesk listed Ledger CEO Pascal Gauthier and several of the impacted DeFi protocols on its annual Most Influential list — perhaps we can laugh about the inauspicious timing. But that’s the thing about open-source development that happens in the public eye: even the worst moments can hold valuable lessons for all. On social media, the breach has become an occasion to joke, condemn and learn:

Edited by Benjamin Schiller.



Daniel Kuhn

Daniel Kuhn is a deputy managing editor for Consensus Magazine. He owns minor amounts of BTC and ETH.