Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $60,0000 Theft

The producer of cryptocurrency hardware wallets, Ledger, released an update to its “@ledgerhq/connect-kit” npm module in response to an anonymous threat actor’s malicious code that resulted in the loss of over $600,000 in virtual assets.

The corporation released a statement claiming that the compromise resulted from a former employee falling victim to a phishing attempt.

Through the use of three malicious versions of the module—1.1.5, 1.1.6, and 1.1.7—and the spread of crypto drainer malware to other apps that rely on the module, the attackers were able to access Ledger’s npm account and compromise the software supply chain.

According to Ledger, the malicious code diverted money to a hacker read more Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600000 Theft.

Get up to date on the latest cybersecurity news and enhance your knowledge of cybersecurity with our thorough coverage of the dangers, breaches, and solutions.

Leave a Reply

Your email address will not be published. Required fields are marked *