Crypto web app users are advised to avoid platforms pending investigations into a potential cybersecurity incident affecting Ledger hardware wallets. Notices of malicious code were discovered in software libraries for Ledger’s ConnectKit, used by blockchain apps to connect with Ledger devices. Web3-focused cybersecurity firm BlockAid reported losses of at least $150,000 due to the malicious code impacting production websites. While Ledger users are not at risk if they refrain from transactions, some websites are still affected, and users may face more severe consequences. SushiSwap and Revoke.cash took their front-end web apps offline in response to the compromise.
More to follow………