The safety of cold crypto wallets is now in question following the cyberattack on Ledger, one of the popular cold crypto wallets, and the theft of $484,000 in digital currencies. Ledger attributed the breach to “a former employee falling victim to a phishing attack.”
Several DeFi Protocols Are Now at Risk
As pointed out by blockchain analysts and confirmed by Ledger, hackers inserted a piece of malicious code into the GitHub library for Connect Kit, a JavaScript library widely used by the wallet platform.
Connect Kit enables decentralized finance (DeFi) protocols to connect with the hardware wallet. Because of how this piece of code is used, the compromise has now put several other DeFi platforms that use it at security risk. Sushi, Lido, MetaMask, and Coinbase are only a few of the names using Connect Kit.
Ledger has already confirmed that it has removed the malicious code. However, users are still at risk because, according to blockchain analysts, every protocol using Connect Kit needs to update its version manually.
“We worked swiftly, alongside our partner WalletConnect, to address the exploit, updating the NPMJS to remove and deactivate the malicious code within 40 minutes of discovery. This is a good example of the industry working swiftly together to address security challenges,” Ledger’s Chairman and CEO, Pascal Gauthier, wrote in a blog post.
Addressing the phishing attack on the former employee, he added: “This was an unfortunate isolated incident. It is a reminder that security is not static, and Ledger must continuously improve our security systems and processes.”
Raising Questions on the Cold Wallets’ Safety
Attacks on crypto exchanges and wallets are not new. Billions of dollars' worth of crypto have been siphoned from these platforms. However, cryptocurrencies stored in cold wallet platforms are (or at least were) considered safe, as these hardware platforms stay offline.
The latest attack on Ledger has now brought the risks facing such cold crypto wallets to the surface.
“Ledger has engaged with authorities and is doing all we can to help as this investigation unfolds. Ledger will support affected users in helping to find this bad actor, bring them to justice, track the funds, and work with law enforcement to help recover stolen assets from the hacker,” Gauthier added.