Ledger Connect Kit Hack

Check if your address is affected.

Discovered On2023-12-14
Stolen Amount$610k
Affected Networks
Ethereum Mainnet (Unsupported) Logo
BNB Smart Chain Mainnet (Unsupported) Logo
Polygon Mainnet (Unsupported) Logo
Arbitrum One (Unsupported) Logo
OP Mainnet (Unsupported) Logo
Avalanche C-Chain (Unsupported) Logo
Base (Unsupported) Logo
Fantom Opera (Unsupported) Logo
Read Morewww.coindesk.com, www.ledger.com, revoke.cash

Description

Over $600k has been stolen from users of many different crypto websites, including SushiSwap and Revoke.cash. This hack is a result of a vulnerability in the Ledger Connect Kit library, which is used by many crypto websites to connect to Ledger hardware wallets. The vulnerable library allowed hackers to inject a malicious script into these popular crypto websites. Many websites, like SushiSwap and Revoke.cash were quick to take their websites offline and remove the affected library. Most big websites were able to remove the library within a few hours, but some websites took longer to mitigate the issue. Because it is not known how many websites were affected, we recommend to check if you're affected by this hack if you used any crypto websites on the 14th of December 2023.

Affected users remain at risk as long as they haven't revoked their approvals, so it is recommended to use the Revoke.cash Exploit Checker below to make sure that you're safe.

Back to Exploits

© 2023 Revoke.cash

NotCommon Verified
English
English