Decrypting the Ledger connect-kit compromise: A deep dive into the crypto drainer attack

Earlier today, Ledger, a maker of hardware wallets for storing crypto, announced that they had identified malicious software embedded in one of their open source packages called @ledgerhq/connect-kit. This package is widely used as a connector between distributed blockchain applications and crypto wallets that back them up. This analysis delves into the specifics of the versions 1.1.5 to 1.1.7 compromise, cataloged in our data under sonatype-2023-4890.

applications attack back blockchain called compromise connect connector crypto crypto wallets deep dive devzone distributed dive embedded hardware kit ledger malicious malicious software malware prevention open source open source packages package packages software sonatype lifecycle sonatype repository firewall today vulnerabilities wallets