Ledger has updated its version of the ConnectKit virus to mitigate the effects of the malicious hack it experienced earlier today.
The protocol announced the release of the most recent genuine version 1.1.8 of the Connect Kit on the X app.
Before attempting to use the software once more, users are advised to update their app and give it a day. Ledger has also reassured users that an investigation is being conducted to determine the scope of the attack and its impact on the protocol.
Ledger provided a timeline that showed the progression of the attack and its discovery. A rug-pull security breach on the Ledger ConnectKit caused an initial loss of roughly $15,000.
A former Ledger employee fell victim to a phishing attack that granted the bad actor access to their NPMJS account. Then, a malicious version of the 1.1.5, 1.1.6, and 1.1.7 versions of the Ledger Connect Kit was released.
The situation was immediately stabilized by calling the security team, and “a fix was deployed within 40 minutes of Ledger becoming aware.”
In collaboration with WalletConnect, a Web3.0 communication protocol, the attack was neutralized. Tether has additionally contributed to strengthening blockchain security and stopping the hacker’s wallet.
Also Read: Ledger Fixes Library Issue, Advises Caution with DApp Links
