Are Crypto Cold Wallets Safe? Ledger Cites “Phishing Attack” behind the Hack

Friday, 15/12/2023 | 06:57 GMT by Arnab Shome
  • The hardware crypto wallet manufacturer calls the attack an “isolated incident.”
  • Hackers targeted a Javascript library used by DeFi platforms to connect with the hardware wallet.
ledger-nano-s-fold-medium
The Ledger Nano S hardware wallet

The safety of cold crypto wallets is now in question following the cyberattack on Ledger, one of the popular cold crypto wallets, and the theft of $484,000 in digital currencies. Ledger explained that its security was breached as “a former employee falling victim to a phishing attack.”

Several DeFi Protocols Are Now at Risk

As pointed out by blockchain analysts and confirmed by Ledger, hackers inserted a piece of malicious code into the GitHub library for Connect Kit, a javascript library widely used by the wallet platform.

Connect Kit enables decentralized finance (DeFi) protocols to connect with the hardware wallet. The nature of usability of the piece of code has now put several other DeFi platforms that use it at security risk. Sushi, Lido, Metamask, and Coinbase are only a few names using the Connect Kit.

Ledger has already confirmed that it has removed the malicious code. However, users are still at risk, as according to blockchain analysts, every protocol using Connect Kit needs to update their version manually.

“We worked swiftly, alongside our partner WalletConnect, to address the exploit, updating the NPMJS to remove and deactivate the malicious code within 40 minutes of discovery. This is a good example of the industry working swiftly together to address security challenges,” Ledger’s Chairman and CEO, Pascal Gauthier, wrote in a blog post.

Addressing the phishing attack on the former employee, he added: “This was an unfortunate isolated incident. It is a reminder that security is not static, and Ledger must continuously improve our security systems and processes.”

Raising Questions on the Cold Wallets’ Safety

Attacks on crypto exchanges and wallets are not new. Billions of dollars worth of crypto have been siphoned from these platforms. However, cryptocurrencies stored in cold wallet platforms are (or at least were) considered safe as these hardware platforms stay offline.

The latest attack on Ledger has now brought the risks against such cold crypto wallets to the surface.

“Ledger has engaged with authorities and is doing all we can to help as this investigation unfolds. Ledger will support affected users in helping to find this bad actor, bring them to justice, track the funds, and work with law enforcement to help recover stolen assets from the hacker,” Gauthier added.

The safety of cold crypto wallets is now in question following the cyberattack on Ledger, one of the popular cold crypto wallets, and the theft of $484,000 in digital currencies. Ledger explained that its security was breached as “a former employee falling victim to a phishing attack.”

Several DeFi Protocols Are Now at Risk

As pointed out by blockchain analysts and confirmed by Ledger, hackers inserted a piece of malicious code into the GitHub library for Connect Kit, a javascript library widely used by the wallet platform.

Connect Kit enables decentralized finance (DeFi) protocols to connect with the hardware wallet. The nature of usability of the piece of code has now put several other DeFi platforms that use it at security risk. Sushi, Lido, Metamask, and Coinbase are only a few names using the Connect Kit.

Ledger has already confirmed that it has removed the malicious code. However, users are still at risk, as according to blockchain analysts, every protocol using Connect Kit needs to update their version manually.

“We worked swiftly, alongside our partner WalletConnect, to address the exploit, updating the NPMJS to remove and deactivate the malicious code within 40 minutes of discovery. This is a good example of the industry working swiftly together to address security challenges,” Ledger’s Chairman and CEO, Pascal Gauthier, wrote in a blog post.

Addressing the phishing attack on the former employee, he added: “This was an unfortunate isolated incident. It is a reminder that security is not static, and Ledger must continuously improve our security systems and processes.”

Raising Questions on the Cold Wallets’ Safety

Attacks on crypto exchanges and wallets are not new. Billions of dollars worth of crypto have been siphoned from these platforms. However, cryptocurrencies stored in cold wallet platforms are (or at least were) considered safe as these hardware platforms stay offline.

The latest attack on Ledger has now brought the risks against such cold crypto wallets to the surface.

“Ledger has engaged with authorities and is doing all we can to help as this investigation unfolds. Ledger will support affected users in helping to find this bad actor, bring them to justice, track the funds, and work with law enforcement to help recover stolen assets from the hacker,” Gauthier added.

About the Author: Arnab Shome
Arnab Shome
  • 6656 Articles
  • 102 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6656 Articles
  • 102 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}