Ledger Attack!
On Thursday, hackers stole $484,000 by inserting malicious code into the Github library of Connect Kit, a large-scale piece of blockchain software maintained by crypto wallet company Ledger. Many major decentralized finance (DeFi) protocols that use this library have been affected, and users are warned to avoid using decentralized applications (dApps) until these protocols are updated.
Ledger's Connect Kit is a piece of code that enables DeFi protocols to connect to crypto hardware wallets. There is a vulnerability that potentially impacts the frontend of protocols using this Kit; these include protocols such as Sushi, Lido, Metamask and Coinbase.
In an
