On Thursday, hackers stole $484,000 by injecting harmful code into the GitHub library of Connect Kit, a key blockchain tool developed by crypto wallet company Ledger. The breach has affected several prominent decentralized finance (DeFi) protocols, causing widespread concern. Users are being cautioned to steer clear of decentralized apps (dApps) until updates rectify these vulnerabilities.
The Connect Kit Vulnerability
Connect Kit, an integral piece of code from Ledger, enables DeFi protocols to interface with cryptocurrency hardware wallets. The exploit threatens the front-end of every protocol that uses Connect Kit, including notable entities like Sushi, Lido, MetaMask, and Coinbase.
Ledger’s Response to the Security Breach
Ledger has publicly acknowledged the incident. An employee fell victim to a phishing attack, leading to the release of a malicious version of Ledger’s Connect Kit. Despite Ledger’s quick response in updating its code, the malicious version remained active for nearly two hours, during which funds were siphoned off.
Continuing Risks and Warnings
According to Ido Ben-Natan, CEO of Blockaid, a blockchain security firm, the risk is far from over. Many websites are still compromised, and users continue to face threats. The complete mitigation of risk requires every protocol that uses Ledger’s Connect Kit to manually update their library version. Revoke.cash, a service for removing permissions from DeFi protocols, is particularly vulnerable and should be avoided.
This hack is not an isolated incident in the DeFi world. July alone saw $303 million stolen due to vulnerabilities in Curve Finance and Multichain. Users typically rely on services like revoke.cash to remove permissions from affected protocols. However, in this case, using revoke.cash could lead users to inadvertently connect their wallets to a token drainer, thereby increasing the hack’s impact. MetaMask has already implemented a fix to eliminate the malicious code.
The Fragility of Decentralized Applications
This exploit highlights the inherent risks in decentralized applications. As these protocols rely on code from various software providers, including Ledger, they are exposed to multiple potential failure points. Such incidents not only disrupt services but also significantly affect users relying on these technologies.