Ledger Connect Kit Hack
Check if your address is affected.
Discovered On | 2023-12-14 |
Stolen Amount | $610k |
Affected Networks | |
Read More | www.coindesk.com, www.ledger.com, revoke.cash |
Description
Over $600k has been stolen from users of many different crypto websites, including SushiSwap and Revoke.cash. This hack is a result of a vulnerability in the Ledger Connect Kit library, which is used by many crypto websites to connect to Ledger hardware wallets. The vulnerable library allowed hackers to inject a malicious script into these popular crypto websites. Many websites, like SushiSwap and Revoke.cash were quick to take their websites offline and remove the affected library. Most big websites were able to remove the library within a few hours, but some websites took longer to mitigate the issue. Because it is not known how many websites were affected, we recommend to check if you're affected by this hack if you used any crypto websites on the 14th of December 2023.
Affected users remain at risk as long as they haven't revoked their approvals, so it is recommended to use the Revoke.cash Exploit Checker below to make sure that you're safe.