How Ledger Connect Hacker Tricked Users into Making Malicious Approvals
According to has Cyvers, THE attacker cause malicious coded has be inserted In several application user interfaces, allowing THE exploiter has silly users In confirming transactions.
Follow
up
Join
We
on
social
networks
THE 'Register pirate' WHO siphoned far has less $484,000 Since several Web3 apps on Dec. 14 did SO by deception Web3 users In manufacturing malicious token approvals, according to has THE team behind blockchain security platform Cyvers.
According to has public declarations do by several evenings implied, THE To hack occurred on THE Morning of Dec. 14. THE attacker used A Phishing exploit has compromise THE computer of A ancient register employee, earn to access has THE employees node wrap director javascript (NPMJS) account.
We to have identified And deleted A malicious version of THE register Connect Kit.
A authentic version East be pushed has replace THE malicious deposit NOW. Do not interact with any of them dApps For THE moment. We will keep You informed as THE situation evolves.
Your register device and…
— register (@Register) December 14, 2023Once they won to access, they downloaded A malicious update has register Log in GitHub deposit. register Connect East A commonly used wrap For Web3 applications.
A few Web3 apps upgraded has THE new version, provoking their apps has distribute THE malicious coded has users' browsers. Web3 apps Zap, SushiSwap, Ghost, Balance wheel, And Revoke.cash were infected with THE code.
As A result, THE attacker was able has siphon far has less $484,000 Since users of these applications. Other apps can be affected as GOOD, And experts to have warned that THE vulnerability can distressed...
According to has Cyvers, THE attacker cause malicious coded has be inserted In several application user interfaces, allowing THE exploiter has silly users In confirming transactions.
Follow
up
Join
We
on
social
networks
THE 'Register pirate' WHO siphoned far has less $484,000 Since several Web3 apps on Dec. 14 did SO by deception Web3 users In manufacturing malicious token approvals, according to has THE team behind blockchain security platform Cyvers.
According to has public declarations do by several evenings implied, THE To hack occurred on THE Morning of Dec. 14. THE attacker used A Phishing exploit has compromise THE computer of A ancient register employee, earn to access has THE employees node wrap director javascript (NPMJS) account.
We to have identified And deleted A malicious version of THE register Connect Kit.
A authentic version East be pushed has replace THE malicious deposit NOW. Do not interact with any of them dApps For THE moment. We will keep You informed as THE situation evolves.
Your register device and…
— register (@Register) December 14, 2023Once they won to access, they downloaded A malicious update has register Log in GitHub deposit. register Connect East A commonly used wrap For Web3 applications.
A few Web3 apps upgraded has THE new version, provoking their apps has distribute THE malicious coded has users' browsers. Web3 apps Zap, SushiSwap, Ghost, Balance wheel, And Revoke.cash were infected with THE code.
As A result, THE attacker was able has siphon far has less $484,000 Since users of these applications. Other apps can be affected as GOOD, And experts to have warned that THE vulnerability can distressed...
What's Your Reaction?
