
Tether Takes Down Hacker: Ledger Library Exploit Thwarted

  • Wallet Freeze to Counter Cyberattack: Tether has frozen a hacker’s wallet containing around $483,000, including $44,000 in USDT, following a cyberattack on Ledger’s code library.
  • Rapid Response and Collaboration: Ledger and Tether’s quick actions, alongside support from WalletConnect, Chainalysis, and others, showcase effective collaboration against sophisticated threats in the crypto space.

Fortifying Blockchain Security Against Cyber Threats

In a decisive response to a cyberattack on Ledger’s code library, Tether and Ledger have demonstrated the crypto community’s capacity to counter threats effectively. Tether’s Chief Technology Officer, Paolo Ardoino, announced the freezing of the attacker’s wallet, containing stolen funds from various protocols, as per DeBank’s data.

Details of the Compromised Assets and Attack

The hacked assets included $44,000 in USDT, Tether’s stablecoin. By freezing the wallet, Tether has prevented any further USDT transactions from the compromised address, though other digital asset transactions could still occur. The attacker’s wallet was found to have engaged with the AngelDrainer phishing group, with a notable transaction involving 4.334 ETH.

Ledger, known for its hardware wallets, suffered a significant breach when its Ledger ConnectKit library, a vital code repository, was compromised. The breach began with a phishing attack on a former employee and allowed the attacker to inject malicious code.

Prompt Mitigation and Collaborative Efforts

The infiltration left the front-ends of several decentralized finance (DeFi) platforms vulnerable. As a preventive measure, DeFi services like Kyber and RevokeCash temporarily disabled their front-ends, and Sushi Swap’s CTO, Matthew Lilley, advised against dapp interactions.

Ledger promptly released an updated version of the Connect Kit (version 1.1.8) to rectify the security flaw. The malicious code, which affected versions 1.1.5 to 1.1.7, used a rogue WalletConnect project to reroute funds to the attacker’s wallet. Ledger’s team deployed a fix within 40 minutes of detection, which limited the active period of the malicious file to approximately five hours and the window for fund drainage to under two hours.
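For teams checking their own builds against the version range above, the following added example (not code from Ledger or from this article) scans a parsed npm lockfile for Connect Kit copies that resolve to 1.1.5 through 1.1.7. The package name `@ledgerhq/connect-kit` and the sample lockfile are assumptions introduced for the illustration.

```javascript
// Affected range as stated in the article: 1.1.5 through 1.1.7.
const FIRST_BAD = [1, 1, 5], LAST_BAD = [1, 1, 7];
// Assumption: npm package name; the article only says "Connect Kit".
const PACKAGE = "@ledgerhq/connect-kit";

// "1.1.6" -> [1, 1, 6]; pre-release or build suffixes are ignored.
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(String(v));
  return m ? m.slice(1).map(Number) : null;
}
const compare = (a, b) => a[0] - b[0] || a[1] - b[1] || a[2] - b[2];

function isAffected(version) {
  const v = parseVersion(version);
  return v !== null && compare(v, FIRST_BAD) >= 0 && compare(v, LAST_BAD) <= 0;
}

// Returns [{ path, version }] for every affected copy in a parsed lockfile.
function findAffected(lock) {
  const hits = [];
  if (lock.packages) {
    // lockfileVersion 2/3: flat map keyed by install path.
    for (const [path, info] of Object.entries(lock.packages)) {
      if (path.endsWith("node_modules/" + PACKAGE) && isAffected(info.version)) {
        hits.push({ path, version: info.version });
      }
    }
    return hits;
  }
  // lockfileVersion 1: nested "dependencies" tree.
  const walk = (deps, trail) => {
    for (const [name, info] of Object.entries(deps || {})) {
      const path = trail + "/" + name;
      if (name === PACKAGE && isAffected(info.version)) hits.push({ path, version: info.version });
      walk(info.dependencies, path);
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfile ("some-widget" is a made-up dependency).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "node_modules/@ledgerhq/connect-kit": { version: "1.1.6" },
    "node_modules/some-widget/node_modules/@ledgerhq/connect-kit": { version: "1.1.8" },
  },
};
console.log(findAffected(SAMPLE_LOCK));
```

A lockfile check only covers copies installed at build time; a front-end that loads the library from a CDN at runtime needs a separate review of what it actually fetches.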

This incident underscores the importance of collaborative efforts in the crypto industry. The combined actions of Ledger, WalletConnect, Tether, Chainalysis, and on-chain investigator ZachXBT exemplify the community’s strength in facing sophisticated digital threats. Such partnerships are essential in safeguarding the integrity and security of the blockchain and cryptocurrency sectors.

Ralf Klein is a computer engineer specializing in database technology, and as such, he was immediately fascinated by the possibilities of blockchain when he first heard about it, especially since this distributed, tamper-proof technology can be the foundation for much more than just cryptocurrencies. At ETHNews, he translates the articles of his English-speaking colleagues for the German readers.