This is surreal.
The leading Presidential candidate is explicitly saying he will make America the leader in bitcoin & crypto, while supporting the right to self-custody.
All the critics were wrong. The government won’t ban it, they’re embracing it.
We are 100% focused on following up to last week’s security incident, making sure incidents like this are prevented in the future, and that the ecosystem remains safe.
We are aware of approximately $600k in assets impacted, stolen from users blind signing on EVM DApps.
Ledger will make sure victims affected will be made whole, and are committing to work with the DApp ecosystem to allow Clear Signing, and no longer allow Blind Signing with Ledger devices by June 2024.
Read more:
We affirm our CEO & Chairman @_pgauthier’s promise https://t.co/6ScBNshwvV to make sure victims who had their assets stolen on Dec 14th, 2023 by the attacker together with angel drainer are made whole, including users who are not Ledger customers.
We commit, by any way possible, including gestures of goodwill, to make sure this is done by the end of February, 2024. We are already in contact with many impacted users and are actively working through the specifics with them.
We remind users that if you signed a transaction on affected DApps Dec 14th, 2023, best security practices would recommend revoking any authorized transactions to further reduce impact from the malicious code.
We are announcing that by June 2024, users will no longer be able to Blind Sign with Ledger devices. Our commitment is to work with the community and DApp ecosystem to allow Clear Signing so users can verify all transactions on Ledger devices before signing. This will lead to a new standard to protect users and encourage Clear Signing across DApps.
Front-end attacks have happened many times before and will continue to plague our ecosystem. The only foolproof countermeasure for this type of attack is to always verify what you consent to on your device.
This is only possible with Clear Signing: meaning you can see and verify exactly what you sign on a secure display.
If the ecosystem continues to allow Blind Signing, users remain at risk.
We ask DApp developers to support the Clear Signing security brick. Please reach out to us through our Developer portal (https://t.co/KGfFIuQFAs) or Discord (https://t.co/wAsoun1Xlh) so we can work together to add Clear Signing to your DApp.
We have detailed the cause of this hack and our security team’s response to this in a Ledger Connect Kit Incident Report on our Ledger tech and security blog:
https://t.co/pqrhAxGl28
We remind you your Ledger devices and Ledger Live have always been secure to use, and were not made vulnerable by this exploit.
If you believe you may have been affected by the attack, please reach out via our Ledger Help Center to find out more:
https://t.co/g4YV2inCDL
Thank you again, stay safe and Happy Holidays.
🚨We have identified and removed a malicious version of the Ledger Connect Kit. 🚨
A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.
Your Ledger device and Ledger Live were not compromised.
$LENDS TOKEN GIVEAWAY
Want to get your hands on some precious $LENDS tokens before anyone else?
4 lucky winners will win $500 in $LENDS !!
To enter:
-Follow us on Twitter ✅
-Like and retweet this post ✅
-Join our discord server ✅