News View Non-AMP

Hackers Stole $484K In Ledger Supply Chain Attack; Tether Steps In by Freezing Funds

Published by
Shayan Chowdhury

Recently, a supply chain attack targeted leading cryptocurrency wallet provider Ledger, compromising its front-end services through the introduction of malicious code. This breach resulted in the loss of crypto assets valued in the hundreds of thousands, affecting various decentralized protocols and users so far.

Hackers Stole Nearly $484K From Ledger

Hackers stole $484,000 by embedding harmful code into the Github library of Connect Kit, a prominent blockchain software managed by crypto wallet company Ledger. This infiltration has affected numerous key decentralized finance (DeFi) protocols relying on the library. Users are being cautioned to refrain from using decentralized apps (dApps) until these systems receive updates.

The interfaces of several decentralized applications (DApps) utilizing Ledger’s connector, such as Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash, were breached. Approximately three hours following the detection of this security incident, Ledger announced that the compromised file version had been substituted with the authentic version around 1:35 pm UTC.

By the time Ledger responded, the hacker had already siphoned off over $484K in cryptocurrency, as reported by Lookonchain. The perpetrator transferred 4.334 Ethereum to Angel Drainer, which currently holds about $363K in crypto assets. Meanwhile, Tether has frozen the account’s ability to transfer $44K in USDT, leaving approximately $412K in STETH, USDC, and other digital assets.

The recent security breach also impacted MetaMask users. The wallet provider has implemented a corrective update for its platform. They announced that users with the most recent version, v2.121.0, should now be able to carry out transactions normally and will receive updates automatically. MetaMask advises users not on this version to refresh their site data to ensure safety and functionality.

Users Are Still At Risk

Despite Ledger updating its own code, Ido Ben-Natan, the CEO of blockchain security firm Blockaid said that “many websites are still vulnerable, and users continue to face risks.” To fully eliminate the risk, every protocol utilizing Ledger’s Connect Kit must manually update their library version. In the meantime, certain protocols, notably revoke.cash, which serves to revoke permissions from DeFi protocols, remain exposed.

Ben-Natan cautioned, “Revoke.cash, in particular, is susceptible, so it’s advisable not to engage with it. In the past two hours alone, hundreds of thousands of dollars have been affected.”

This year has witnessed a high frequency of DeFi-related hacks, with a massive $300 million stolen in July alone due to exploits targeting Curve Finance and Multichain. Following such security breaches, users often turn to websites like revoke.cash to revoke permissions from affected protocols.

In this case, the impact has primarily affected the front-end of websites, rather than hot wallets. As a result, users of revoke.cash will encounter a prompt to link their wallets to a malicious token drainer, thereby expanding the potential range of the hack to encompass all assets within a user’s wallet.

Shayan Chowdhury

Shayan is a digital nomad and a professional journalist. He delivers high-quality engaging articles to Coinpedia through his in-depth research and analysis.

Recent Posts

Bitwise Amends S-1 Filings for Spot Dogecoin ETF and Aptos ETFs: Approvals on Track?

Bitwise Asset Management filed amended S-1 registration statements with the United States Securities and Exchange…

June 27, 2025

Top Reasons Why Bitcoin Price May Retest $92k First Before Reaching $120k in the Midterm

Bitcoin (BTC) price has experienced heightened resistance around $108k in the past few days amid…

June 27, 2025

XRP Price Prediction, Next 100x meme coin : How Can XRP Push Past $5 Before the End of 2025?

XRP’s Setup Signals Breakout Potential XRP is showing strong recovery signs as analysts project a…

June 26, 2025

Kaanch Network Just Became the Most Talked-About Layer 1 Token on Crypto X

Kaanch is fast becoming one of the outstanding tokens in Crypto X which is attracting…

June 26, 2025

Ruvi AI (RUVI) Takes Notes from Avalanche’s (AVAX) Rise, Utility Focus and Passed Audit Put It on the Right Path

Avalanche took the crypto world by storm with its ability to deliver scalable and efficient…

June 26, 2025

Ledger and Chorus One to Boost ETH Staking with MEV Max Integration

Ethereum staking has grown from a niche activity into a foundational element of the blockchain…

June 26, 2025