According to CryptoPotato, cryptocurrency experts, including on-chain investigator ZachXBT, have identified a vulnerability associated with various Web3 interactions. The issue was found to be related to the library of Ledger, a popular hardware wallet provider. In an official tweet, Ledger confirmed the vulnerability and stated that they have removed a malicious version of the Ledger Connect Kit and are pushing a genuine version to replace the malicious file. The company advised users not to interact with any dApps for the time being and assured that Ledger devices and the Ledger Live app were not compromised.
ZachXBT reported that approximately $610,000 has already been drained due to the vulnerability. Ledger will continue to keep users informed as the situation evolves. This incident highlights the importance of security in the cryptocurrency space, as cybercriminals continue to target vulnerabilities in various platforms and applications.
Cointelegraph