Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
Tether freezes wallet of Ledger library exploiter; Ledger provides more details

Tether freezes wallet of Ledger library exploiter; Ledger provides more details

The BlockThe Block2023/12/14 16:45
By:The Block

Quick Take Tether froze an address with funds stolen by the Ledger code library exploiter. Ledger said its former employee was compromised in a phishing attack.

Tether freezes wallet of Ledger library exploiter; Ledger provides more details image 0

Tether, the company behind the USDT +0.35% stablecoin, froze the address of an attacker who drained funds from several protocols, Tether CTO Paolo Ardoino wrote on X on Wednesday. 

The address received around $483,000 of various assets, according to wallet analytics site DeBank , including $44,000 in USDT. The wallet also interacted with the AngelDrainer phishing group and sent 4.334 ETH to its wallets.

Tether freezing the wallet means that it can no longer send any USDT in the wallet to other addresses. The wallet is still able to make other transactions.

Researchers earlier reported that Ledger ConnectKit library, a code repository used by the hardware wallet provider Ledger, was hacked and injected with a malicious code draining victims' wallets. As a result, front-ends of various DeFi protocols became vulnerable. 

Kyber and RevokeCash disabled their front-ends and Sushi Swap CTO Matthew Lilley warned users to not interact with any dapps at all on Wednesday morning.

A patch is out

Ledger wrote on X that the company has already issued a patch now available in the Ledger Connect Kit version 1.1.8. The company said its former employee fell victim to a phishing attack, which enabled the attacker to gain access to their account and add new code.

"The attacker published a malicious version of the Ledger Connect Kit (affecting versions 1.1.5, 1.1.6, and 1.1.7). The malicious code used a rogue WalletConnect project to reroute funds to a hacker wallet," the ledger team wrote, adding that the company was alerted of the incident and deployed a fix within 40 minutes.

"The malicious file was live for around 5 hours, however we believe the window where funds were drained was limited to a period of less than two hours," Ledger wrote, thanking WalletConnect service, Tether, blockchain analytics firm Chainalysis and on-chain sleuth ZachXBT for help.


0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!