In a significant development within the cryptocurrency sector, Tether, the organisation behind the prominent USDT stablecoin, has taken decisive action against a cyberattacker. This response came after the attacker exploited a vulnerability in the Ledger ConnectKit library, leading to substantial fund drainage from various decentralized finance (DeFi) protocols. Tether’s Chief Technology Officer, Paolo Ardoino, announced the company’s intervention on Wednesday.
According to DeBank, a wallet analytics platform, the attacker’s address accrued approximately $483,000 in diverse assets. This included $44,000 in USDT and 4.334 ETH, sent to wallets associated with the AngelDrainer phishing group. Tether’s intervention has rendered the USDT within the compromised wallet immovable, although other transactions from this wallet remain possible.
Ledger, a leading hardware wallet provider, acknowledged that their Ledger ConnectKit library was hacked, attributing the breach to a phishing attack on a former employee. This security lapse rendered the front ends of various DeFi protocols susceptible to exploitation.
Response from the crypto community
In reaction to the breach, DeFi protocols such as Kyber and RevokeCash temporarily disabled their front ends. Matthew Lilley, the CTO of Sushi Swap, advised users to refrain from interacting with any dapps (decentralised applications) until the issue was resolved. Ledger’s team promptly issued a patch to address the vulnerability, now available in Ledger ConnectKit version 1.1.8.
The compromised versions (1.1.5, 1.1.6, and 1.1.7) of the Ledger ConnectKit contained malicious code that redirected funds to the hacker’s wallet through a rogue WalletConnect project. The Ledger team reported that the infected file was active for approximately five hours, but the window for fund drainage was under two hours.
The swift resolution of the incident was attributed to the collaborative efforts of various entities in the cryptocurrency ecosystem, including the WalletConnect service, Tether, blockchain analytics firm Chainalysis, and on-chain investigator ZachXBT.
Tether’s response to Ledger hack strengthens crypto vigilance
This incident underscores the growing concerns over security in the cryptocurrency domain, particularly regarding the safety of assets stored or transacted through digital wallets. The rapid response by Tether and Ledger, along with their collaborators, demonstrates the crypto community’s ability to mobilise against security threats quickly.
However, the breach also highlights the need for heightened vigilance and improved security protocols within the industry. Users of digital wallets and participants in DeFi platforms are advised to stay informed about the latest security updates and best practices to safeguard their assets.
As the cryptocurrency market continues to evolve, such incidents serve as a reminder of the inherent risks associated with digital asset management and the importance of robust security measures. The collaborative effort seen in this instance provides a blueprint for future responses to similar security challenges in the crypto space.
While the Ledger ConnectKit hack posed a significant threat, the effective coordination among various stakeholders in the cryptocurrency community averted a larger disaster. This incident not only highlights the vulnerabilities in digital asset security but also underscores the resilience and responsiveness of the crypto ecosystem in addressing such challenges.