Ledger: Genuine and verified Ledger Connect Kit version 1.1.8 is now safe to use

Bitget App

Trade smarter

Cointime2023/12/14 16:15

By:Cointime

Ledger has released the latest update on the vulnerability on the X platform, stating that the genuine and validated Ledger Connect Kit version 1.1.8 has now been spread and can be safely used. For builders who are developing Ledger Connect Kit code and interacting with it: the connect-kit development team on the NPM project is now read-only and cannot directly push NPM packages for security reasons.

In addition, malicious code uses the rogue WalletConnect project to reroute funds to hacker wallets. -Ledger's technical and security teams received alerts and deployed fixes within 40 minutes of Ledger's awareness. The survival time of this malicious file is about 5 hours, but the time window for funds to be depleted is less than two hours.

The team is filing complaints and working with law enforcement to investigate and find the attacker, and is studying the vulnerability to avoid further attacks.

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.

APR up to 10%. Always on, always get airdrop.

Lock now!

World Liberty Financial’s new strategic token reserve aims to support major cryptocurrencies like Bitcoin and Ethereum, potentially giving renewed utility to its struggling WLFI governance token.Critics argue that WLFI’s structure allows the Trump family to profit from political influence while offering no direct claims to the reserve for token holders.

The Block•2025/02/13 22:11