Ledger Details
Ledger
Paris, France • employees • Technology
Industry
Technology
Security Incidents
1
Ledger offers certified crypto asset hardware wallets bringing optimal protection level to your bitcoins, ethereums, XRP and more - without sacrificing usability or control.
Security Incidents
Ledger Breach of May 2023
Severity Score
Moderate
Type
UnknownSummary
The Ledger security incident of May 2023 involved an exploit using the Ledger Connect Kit, a JavaScript library connecting websites to crypto wallets. The incident highlighted risks faced by Ledger and the industry in protecting users. The malicious code used a rogue WalletConnect project to redirect assets to hackers' wallets. Ledger was alerted to the attack and deployed a genuine fix within 40 minutes of detection. The incident underscored the importance of raising security standards for DApps and browser-based signing to safeguard user assets.Severity
The Ledger cyber security incident in May 2023 was detected as an exploit using Ledger Connect Kit, highlighting risks in protecting users and the industry's need to enhance security around DApps. The incident involved unauthorized access and malicious code, with an extended availability of the malicious code due to delays in updating caches globally.Impact
The breach impacted Ledger's systems, including Github, SSO based services, internal and external tools, and NPMJS. Assets were rerouted to hackers' wallets through a rogue WalletConnect project, emphasizing the vulnerabilities in digital asset security and the broader implications for the crypto industry.KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos