My name is Cuong, I live in Hanoi city, Vietnam, a peaceful and beautiful country! I like reading books, learning about history, culture, and people! I also lik
Ledger has announced a plan to fully compensate the victims following the hacking incident.
Ledger has revealed that the hack a week ago resulted in approximately $600,000 worth of user assets being compromised. In response, the leading cryptocurrency hardware wallet brand has announced a solution to prevent similar incidents in the future.
One week after the hack, which originated from a vulnerability in the Connect Kit tool developed by Ledger and resulted in the loss of approximately $600,000 worth of user assets, the top crypto hardware wallet brand has announced a plan to fully compensate the victims and address the long-term consequences.
As part of this plan, Ledger has committed to fully compensating all victims by the end of February 2024. Additionally, they will collaborate with decentralized application (dApp) platforms that integrate the "Clear Signing" standard instead of "Blind Signing" to prevent similar front-end attacks from occurring in the future.
The new standard is expected to be implemented across all Ledger devices and connected dApps starting from June 2024.
As previously reported by Coin68, Ledger's library had a vulnerability that exposed popular dApps such as Hey, SushiSwap, Zapper, and token revocation website Revoke to potential risks.
The cause was determined to be the malicious code inserted by hackers into the Connect Kit tool developed by Ledger, which allowed the front-end of projects to be compromised, enabling automatic withdrawal of user assets upon any interaction.
According to Ledger's explanation, the new "Clear Signing" solution will allow users to safely view and verify on screen the content they are signing. With "Blind Signing," by contrast, users are unaware of what they are authenticating, which leaves them at risk of being attacked.
In their announcement, #Ledger stated that their security team is actively working to address the issue and contacting the victims for prompt compensation.
They also urged #dApp developers to swiftly integrate the "Clear Signing" feature to protect users, and reassured users that Ledger devices and Ledger Live are not affected by this incident.
More than 63,000 investors had $58 million in crypto stolen because of advertising malware
In just the past 9 months, attackers have attached "Wallet Drainers" malware to impersonation websites to "steal" tens of millions of USD in crypto from users.
"Wallet Drainers" is the name of a type of malicious code that automatically withdraws crypto assets from users' Web3 wallets. Hackers often use this type of code in fraudulent advertising, blockchain supply attacks, phishing attacks, SimSwap attacks and similar schemes, with the aim of gaining illegal profits and causing significant losses to users.
Notably, the security unit Scam Sniffer recently said it had discovered, for the first time, "Wallet Drainers" appearing in Google search results and in ads on X (formerly Twitter). During the past 9 months, this new form of malware has caused more than 63,000 people to become victims of property attacks, with total losses of up to 58 million USD.
From March 2023 until now, Scam Sniffer confirmed that it has tracked about 10,072 scam websites and, by combining this with on-chain data analysis, found that this method has stolen 58.98 million USD from 63,210 wallet addresses.
To validate its tracking process, this security unit also coordinated with SlowMist and on-chain detective ZachXBT to jointly investigate more websites with this "Wallet Drainers" malicious code.
The investigation turned up countless fake crypto project websites carrying the malicious code and running ads, impersonating projects including Zapper, Lido, Stargate, DefiLlama, Orbiter Finance and Radiant. There are even scam ads shown on X (Twitter) called "Ordinals Bubbles".
Analyzing further, Scam Sniffer found that these impersonated websites used a variety of different methods to bypass Google and X's advertising censorship system.
A commonly used method is the "redirect phishing" technique, which makes these impersonating websites appear more "reputable". For example, hackers make the website ad appear at the top of search results, displayed with the official address, but when users click through they are immediately redirected to the fake website.
It is worth mentioning that the source code for setting up "Wallet Drainers" and its management tool are openly sold by attackers on forums and in programmer groups. Unlike other management tools, the "Wallet Drainers" software carries, in addition to the selling price, an additional 20% installation fee. Users with more advanced setup needs, such as creating fake signatures in browsers with connected Web3 wallets, will have to pay extra.
It can be seen that impersonation ads have become a "doorway" for scammers to easily reach a large number of victims. They can choose specific targets and launch phishing campaigns using tools that run ads on Google and X continuously at very low costs, but earn profits of up to tens of millions of dollars.
In November 2023 alone, crypto attacks "stole" $340 million in user assets on DeFi platforms