‘Wallet drainer’ code added to Ledger library has crypto on edge

Users of crypto web apps are being warned to avoid the platforms until investigations into a potential cybersecurity incident affecting hardware wallet Ledger play out.

Notices of what’s believed to be malicious code were shared on social media Thursday morning, found in software libraries for Ledger’s ConnectKit, which connects blockchain apps with Ledger devices.

Decentralized exchange SushiSwap took its front-end web app offline soon after the warnings.

“We’ve identified a critical issue the ledger connector has been compromised, potentially allowing the injection of malicious code affecting various dApps,” SushiSwap posted. 

“If you have the Sushi page open and see an…

Read more on Blockworks

24.9K Reads