Decentralized finance encounters waves: SushiSwap CTO warns of Web3 connector risks, Ledger may be suspected of suspicious code
In an incident that has shocked the decentralized finance (DeFi) industry, SushiSwap’s chief technology officer Matthew Lilley has issued a warning that a widely used web3 connector has been compromised, leading to the injection of malicious code, Wu said. Several decentralized applications (dApps) have had a negative impact. This incident attracted widespread attention from the community, and the Ledger wallet was also mentioned as having the risk of suspicious code.
Lilley tweeted that users are strongly advised not to interact with any dApps until further notice. He revealed that the destruction of the web3 connector resulted in potential security vulnerabilities that may threaten the security of users’ digital assets.
Blockaid has detected a potential supply chain attack in the ledgerconnect suite, where attackers injected malicious payload into the popular NPM package. This has had a significant impact on dApps such as SushiSwap and hey.
Revoke.cash said that multiple popular crypto applications, including Revoke.cash, that integrate the Ledger ConnectKit library have been compromised. As a precautionary measure, the website has been temporarily closed.
This incident triggered concerns about security throughout the DeFi community, especially the protection of users’ digital assets. SushiSwap CTO’s warning and doubts about the Ledger wallet have made industry practitioners and investors more alert, emphasizing the importance of security review and emergency response. The development of this incident will continue to attract attention, and the industry may further strengthen its emphasis on the security and reliability of DeFi infrastructure.
