all InfoSec news
Decrypting the Ledger connect-kit compromise: A deep dive into the crypto drainer attack
Malware Analysis, News and Indicators - Latest topics malware.news
Earlier today, Ledger, a maker of hardware wallets for storing crypto, announced that they had identified malicious software embedded in one of their open source packages called @ledgerhq/connect-kit. This package is widely used as a connector between distributed blockchain applications and crypto wallets that back them up. This analysis delves into the specifics of the versions 1.1.5 to 1.1.7 compromise, cataloged in our data under sonatype-2023-4890.
Article Link: Decrypting the Ledger connect-kit compromise: A deep dive into the crypto …
applications attack back blockchain called compromise connect connector crypto crypto wallets deep dive distributed dive embedded hardware kit ledger malicious malicious software open source open source packages package packages software today wallets