Cryptocurrency wallet “Ledger Inc.” announces compensation measures for security breach, doing its best to support victims and strengthen safety

Comprehensive report on hacking damage

In response to the security incident that occurred last week, crypto wallet company Ledger promised in a statement on the 20th to provide full assistance to affected users. It is reported that this attack caused a total of $600,000 (approximately 86 million yen) in damage.

Additionally, Ledger CEO and Chairman Pascal Gauthier announced a commitment to compensate victims whose assets were stolen in the attack on December 14, 2023, including users who are not Ledger customers.

According to a company report, a former employee was the victim of a phishing attack on the morning of December 14th, which the attackers used to inject malicious code into external DApps through the Ledger Connect Kit. The malware used was Angel Drainer, and attacks of this type have been on the rise over the past three months.

Source: Ledger

The attack forced some Ethereum Virtual Machine (EVM) DApp users to sign transactions that had their assets extracted from their wallets. The attack was quickly identified and countermeasures were implemented within five hours, but the damage had already been done.

Rather than using the Ledger Connect Kit, the attacker distributed a malicious code package through a CDN and transferred users’ assets to the hacker’s wallet. This code was dynamically loaded by DApps integrating Connect-Kit-loader.

In response, Ledger’s security team is reviewing and auditing its access controls. We will also strengthen our policies and thoroughly check access to external tools. In early 2024, the company plans to strengthen its internal security training program and conduct third-party audits focused on access control and code promotion.

connection:Metamask to introduce new security alert feature

Proposal to promote clear signatures

Additionally, Ledger is encouraging its ecosystem partners, especially DApp (decentralized application) developers, to eliminate blind signatures and promote clear signatures. This allows you to fully understand and view transaction details on your Ledger device.

The company plans to end blind signatures by June 2024 and emphasized that it will work with external partners to establish new standards that encourage the use of clear signatures across DApps.

Clear signatures make transaction details readable Source: Ledger

With clear signatures, end users can accurately see and verify transactions on the secure display of their Ledger devices, which increases protection from fraudulent transactions caused by malware and phishing attacks. Ru.

Ledger also said it is working to track down the hackers and is working with law enforcement to recover the funds. “As the investigation progresses, we are working closely with authorities to assist the victims, apprehend the perpetrators, and recover stolen assets,” CEO Paul Gauthier said in a statement.

Following the incident, stablecoin USDT issuer Tether froze the attacker’s address and shared the information with blockchain analysis firm Chainalysis. The attacker’s code was valid for about five hours, affecting decentralized exchanges such as SushiSwap. Ledger fixed the issue the same day.

“We are 100% focused on following up on last week’s security incident to ensure that such incidents are prevented in the future and our ecosystem is secure,” Ledger confirmed in a statement.

What is Angel Drainer?

Source: Ledger

Angel Drainer is a malware that specializes in EVM chains and has been increasing in number over the past three months. Designed for creating transactions that drain assets from a wallet. Deploy smart contracts as needed to generate customized transactions to cause maximum damage.

For ERC20 (token standards) and NFTs (non-fungible tokens), it requires signing an approval and permission message, and for native tokens, it requires signing a fake “claim” transaction and then ejects the token. For this reason, Ledger’s policy is to encourage clear signatures that allow transactions to be verified on a reliable display on a hardware device.

connection:Metamask and others warn that virtual currency may be illegally leaked from a wide range of Ledger-compatible dApps

The post Cryptocurrency wallet “Ledger Inc.” announces compensation measures for security breach, doing its best to support victims and strengthen safety appeared first on Our Bitcoin News.