NFT News by Thebittimes.Com

SushiSwap Chief Technical Officer Mathew Lilley has disclosed the compromise of a widely employed web3 connector within Ledger’s delivery network.  The breach has enabled malicious code injection into numerous decentralized applications ( dapps ).  Removal of malicious provider  Lilley contended that Ledger’s content delivery network was compromised, leading to the loading of JavaScript from the compromised network. RED ALERT : Do not interact with ANY dApps until further notice. It appears that a commonly used web3 connector has been compromised which allows for injection of malicious code affecting numerous dApps. — I'm Software (@MatthewLilley) December 14, 2023 The compromised Ledger connector library , widely employed by various dapps and overseen by Ledger, has seen the addition of a wallet drainer. While assets may not be drained automatically from a user’s account, prompts from browser wallets like MetaMask could potentially provide ma...

Also Read: Ledger Controversy: Ripple CTO Shares 7 Key Strategies to End Current Debacle advertisement Ledger CEO Apologizes Pascal Gauthier, the Chairman and CEO of Ledger , said the company did not intend to surprise users over the seed phrase recovery concerns. However, the CEO said the company will priorititize security and increased transparency going forward. Hence, he said, the company decided to accelerate its open sourcing plans. The open source code from Ledger will include the operating system, starting with core components of the OS, and Ledger Recover, which won’t be released until this work is complete, the CEO said in a statement. This means the key recovery feature’s release has been postponed until completion. “Our unintentional communication mistake took everyone by surprise and affected our customer’s ability to accurately understand Ledger Recover, its role for the growing crypto community, and for Ledger ...