Ledger, in an update following last week’s attack, has promised to make users whole.

An attacker phished a former Ledger employee and was able to access the company’s package manager, where they uploaded a malicious code to ConnectKit. The attacker, according to Ledger, made off with $600,000.

“We commit, by any way possible, including gestures of goodwill, to make sure this is done by the end of February 2024. We are already in contact with many impacted users and are actively working through the specifics with them,” the company said in a post on X.

The company will make victims whole in the wake of the attack, and is working with law enforcement to track down the hacker and…

Read more on Blockworks