Cryptocurrency experts, including popular on-chain investigator ZachXBT, took notice of an ongoing vulnerability associated with various Web3 interactions.
It turns out that the problem had to do with the library of Ledger – the popular hardware wallet provider.
In an official tweet, the company confirmed the vulnerability:
We have identified and removed a malicious version of the Ledger Connect Kit.
A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.
The company also confirmed that Ledger devices and the Ledger Live app were not compromised.
Meanwhile, ZachXBT outlined that some $610K appears to have already been drained.
looks like $610K+ drained
drainer customer
0x658729879fca881d9526480b82ae00efc54b5c2d
drainer fee address
0x412f10AAd96fD78da6736387e2C84931Ac20313f pic.twitter.com/Rld2BsKNDo— ZachXBT (@zachxbt) December 14, 2023
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
Credit: Source link