Ledger’s employee became a victim of a phishing attack. Thereby compromising associated partners, including the likes of MetaMask and Sushi.com. Ledger has propagated the latest version to the public, enabling them to interact with the platform as usual. Sushi.com is now next in line to have fixed the issue after MetaMask confirmed that its users were never at risk, recommending them to be careful nonetheless.
Sushi.com, in the announcement, said that it had successfully removed the compromised Ledger Connector, which was injected with malicious code. That was helping the hacker redirect funds to their wallets. While precise details are a bit unclear, Suchi.com has asked its users not to respond to the “Connect Wallet’ pop-up unless it comes up due to their action. Any kind of unexpected appearance of the pop-up could potentially drain funds from the wallet.
Developers and users have been recommended not to interact with any dApp until further notice. The issue has been resolved with Sushi.com removing the Ledger connector, which was compromised, and functionalities are back to normal. However, users are still advised not to interact with any decentralized application until they are sure of its security. Any suspicion must be reported and taken as a hint that they should not proceed with the interaction.
Additionally, users are recommended to remove all the connected sites from their wallets and have patience to the point at which they can work on the platform normally.
The community has responded positively to this action. Most of them have congratulated the team for taking swift action to protect its users’ funds. Others have pitched their suggestions, asking everyone to clear the browser cache to prevent compromised libraries from being fetched.
The Chief Technology Officer of Sushi.com has also acknowledged the issue and asked the community to take all possible precautions.
The Ledger has published a thorough timeline of events. According to the report, the situation began when an employee granted phishing access to their NPMJS account. This enabled the hacker to deploy the malicious version of the platform, which was operational for around 5 hours. The effective window for draining funds is believed to be two hours.
Action has been taken, and an investigation is underway with the Ledger coordinating with Law Enforcement to catch the culprit.
It has again raised concerns about malicious incidents happening in the digital space. Interestingly, such attacks are on the rise when it comes to the crypto market. There is a dire need to control them at the earliest because, at the end, the ones to suffer are the community members, with effects evident in the trading value of native tokens.
SUSHI, at the time of drafting this piece, is down by 3.47% to exchange hands at $1.16. Its market cap has also slipped by 3.48%, with an increase of 46.49% in the 24-hour trading volume.