Ledger CEO promises to address recent hacking issues and strengthen security
Key Takeaways
- According to Pascal Gauthier, the hack of Ledger’s Javascript connector library was an isolated event that only affected third-party dApps and not Ledger’s core hardware or platform.
- Ledger has decided to strengthen its security measures, including stricter software supply chain controls, to prevent future breaches.
- The impact of the hack, initially estimated at $484,000, has grown to $504,000.
In response to the recent security breach, Ledger CEO Pascal Gauthier issued a statement reassuring the cryptocurrency community. Gauthier emphasized: The incident was an isolated incident He then outlined measures to strengthen security going forward.
The breach, which occurred on December 14, involved Ledger’s Javascript connector library.. Gauthier said the exploit was quickly detected and disabled in just 40 minutes.
Did you know?
Do you want to become smarter and richer with cryptocurrency?
Subscribe – We post new cryptocurrency explainer videos every week!
Limited to: Third-party decentralized applications (dApps)Ensures that Ledger’s hardware and Ledger Live app are not affected.
The root causes of the breach are: A former employee fell victim to a phishing scam., resulting in their identity being exploited in hacked code. However, Gauthier emphasized Ledger’s commitment to security:
We have strong access controls, internal reviews, and code multi-signature in most parts of our development. This applies to 99% of our internal systems. Employees who leave the company will have their access to all Ledger systems revoked.
Despite the breach, Gauthier characterized it as an “unfortunate isolated incident” and promised to strengthen security controls. He made the following detailed plan: Connect build pipelines to strengthen software supply chain security for NPM distribution channels.Demonstrates Ledger’s commitment to preventing future breaches.
Gauthier also warned and reassured users that similar hacks could potentially target other platforms. Ledger Connect Kit 1.1.8 is secure.. He thanked WalletConnect, Tether, Chainalytic, and ZachXBT for their help during this difficult time.
As many users mentioned on X (Twitter), The breach affected a variety of dApps.It may also potentially affect other programs similar to LedgerHQ/connect-kit, including Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash. What’s worth noting is Any Ethereum Virtual Machine user who interacted with the affected dApp may have been affected by the breach..
The original expected price was $484,000; The impact of the hack later increased to $504,000.According to Web3 security service Blockaid.
Ain is a senior cryptocurrency researcher. Her vast experience with content related to cryptocurrency and blockchain technology allows her to identify key information that should be presented to learners and ensure the validity of the data collected.
With a degree in New Media Studies, she has developed an extensive repertoire of skills to educate people through new, research-proven research models based on reasoning and human long-term memory.
Ain approaches everything with great care. Her main goal is to remove the ambiguity surrounding many Web3 concepts and guide content writers in presenting difficult cryptography-related concepts in an easy-to-understand manner.
Although content strategy is her main passion, Ain also enjoys reading fantasy books and watching superhero movies.