Ledger NPM Repo Hacked Through a Spear Phishing Attack on an Employee

15 December 2023

In a recent turn of events, Ledger, a prominent hardware wallet provider, faced a security breach that sent shockwaves through the cryptocurrency community. The breach, initiated by a malevolent version of the npm package @ledgerhq/connect-kit, posed a severe risk to users’ digital assets. Security research firm SlowMist Team sounded the alarm, unveiling a covert threat within the @ledgerhq/connect-kit package on the npm repository. Ledger This malicious package harbored a concealed backdoor capable of pilfering users’ private keys—a potential catastrophe for those invested in the volatile world of cryptocurrency.

Source: GBHackers

Date:

15 December 2023

Categorie(s):

NEWS

Tag(s):

Attacks, Cyber Attack, Cyber Security News, Employee, Hacked

Disinformation: EU Opens Probe Against Facebook and Instagram Ahead of Election30 April 2024
FCC fines major wireless carriers over illegal location data sharing30 April 2024
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades30 April 2024
Palo Alto Networks launches Prisma SASE 3.0 for enhanced device security30 April 2024
European Commission starts formal probe of Meta over election misinformation30 April 2024