Tether Freezes Hacker’s Address
Tether has frozen the address of the hacker who drained funds from multiple protocols, effectively immobilizing the stolen USDT. Paolo Ardoino, Tether’s CTO, announced that the address contained approximately $500,000 worth of various assets, including $44,000 in USDT. While the attacker can still perform other transactions, they are unable to transfer any more USDT from the wallet.
Ledger Reveals Hack Details
Ledger has revealed that one of its former employees fell victim to a phishing attack, enabling the hacker to access their account and inject malicious code into the Ledger ConnectKit library. This compromised the interfaces of several DeFi protocols, prompting platforms like Kyber and RevokeCash to temporarily disable their front-end interfaces. Matthew Lilley, the CTO of Sushi Swap, has warned users not to interact with dApps.
Rapid Response and Ecosystem Collaboration
Ledger quickly released a fix, now available in version 1.1.8 of the Ledger Connect Kit. The company deployed a solution within 40 minutes of being alerted to the incident, and the malicious file remained active for only about 5 hours. Ledger has expressed gratitude to WalletConnect, Tether, blockchain analytics firm Chainalysis, and investigator ZachXBT for their assistance. While Ledger has contacted affected users, no details regarding potential compensation have been provided at this time.