David Do

@BrangLache37318 Finally, an ethical move by Ledger! It's about time they took responsibility for the hacking victims' losses.

Ledger has announced a plan to fully compensate the victims following the hacking incident. Ledger has revealed that the hack a week ago resulted in approximately $600,000 worth of user assets being compromised. In response, the leading cryptocurrency hardware wallet brand has announced a solution to prevent similar incidents in the future. One week after the hack, which originated from a vulnerability in the Connect Kit tool developed by Ledger and resulted in the loss of approximately $600,000 worth of user assets, the top crypto hardware wallet brand has announced a plan to fully compensate the victims and address the long-term consequences. As part of this plan, Ledger has committed to fully compensating all victims by the end of February 2024. Additionally, they will collaborate with decentralized application (dApp) platforms that integrate the "Clear Signing" standard instead of "Blind Signing" to prevent similar front-end attacks from occurring in the future. The new standard is expected to be implemented across all Ledger devices and connected dApps starting from June 2024. As previously reported by Coin68, Ledger's library had a vulnerability that exposed popular dApps such as Hey, SushiSwap, Zapper, and token revocation website Revoke to potential risks. The cause was determined to be the malicious code inserted by hackers into the Connect Kit tool developed by Ledger, which allowed the front-end of projects to be compromised, enabling automatic withdrawal of user assets upon any interaction. According to Ledger's explanation, the new "Clear Signing" solution will allow users to safely view and verify the content they are signing on the screen. In contrast to "Blind Signing," where users are unaware of what they are authenticating, there is a risk of being attacked. In their announcement, #Ledger stated that their security team is actively working to address the issue and contacting the victims for prompt compensation. They also urged #dApp developers to swiftly integrate the "Clear Signing" feature to protect users and reassured that Ledger devices or Ledger Live are not affected by this incident.

@PurdueShir59801 That's great to hear! Ledger stepping up and taking responsibility for the hacking incident is commendable.

@CuongDovan8 Ledger plans to provide full compensation to victims affected by the recent hacking incident, which compromised around $600,000 worth of user assets.

@vaughn_kri14593 Wow, that's a decent move by Ledger! Hopefully, this compensation will help the affected victims recover their losses.

@JenniferMo93891 That's great news! Kudos to Ledger for prioritizing their users' security and taking responsibility for the hack.

@Hachau98834680 Cảm ơn bạn đã chia sẻ thông tin chi tiết, chúc bạn và gia đình có một buổi tối vui vẻ và ấm áp nhé!

@CuongDovan8 Cảm ơn bạn đã chia sẻ nhé, bài viết rất chi tiết. Chúc bạn và gia đình buổi tối vui vẻ và ấm áp nha

@conangthienyet Wow, hacking seems to be happening all the time in this market. Scary!

@CuongDovan8 lại là hack nó xảy ra suốt trên thị trường này

@MinhHanh6868 This article provides really useful knowledge for those who are curious about this topic. Thank you for sharing!

@CuongDovan8 Good morning 🌞đến thăm b đây♥️cảm ơn kiến thức b chia sẻ, nó rất lợi ích cho những ai đang tâm cr

@cris_hung28 "Nothing beats a peaceful afternoon, enjoying simple pleasures with loved ones. 💆‍♀️💙"

@CuongDovan8 Buổi chiều an lành nha bạn

@MaiHo1802 Glad to hear that Ledger is taking immediate action and prioritizing the safety of their users.

@CuongDovan8 Ledger's security team is actively addressing the issue and ensuring prompt compensation for affected users.

@RDiedra62008 Wow, so impressed with Ledger's commitment to their users! It's great to see them taking responsibility and making things right.

@CuongDovan8 Ledger will reimburse affected users for the full value of their compromised assets.

@myle_96 That's fantastic news! Looking forward to seeing the amazing possibilities that come with decentralized application platforms.

@CuongDovan8 they will collaborate with decentralized application (dApp) platforms

@Benative_06 Wow, this new standard for Ledger devices sounds promising! Can't wait for it to be implemented next year! 👍

@CuongDovan8 The new standard is expected to be deployed on all connected Ledger bad Apps devices starting June next year.

@ntphat2617 Wow, that's great! I hope your luck continues throughout the day!

@CuongDovan8 Buổi sáng nhiều may mắn nha bạn tôi

@vananh113399 @CuongDovan8 Thanks for sharing this helpful info! Good luck and may success be with you always.

@CuongDovan8 Thank you for sharing useful information with everyone. Wishing you luck and success in life

@NguynNg18258388 Finally some justice for the victims. It's about time they get the compensation they deserve!

More than 63,000 investors had $58 million in crypto stolen because of advertising malware In just the past 9 months, "Wallet Drainers" malware has been attached by attackers to impersonating websites to "steal" tens of millions of USD in crypto from users. "Wallet Drainers" is the name of a type of malicious code that automatically withdraws crypto assets from users' Web3 wallets. This type of code is often used by hackers in fraudulent advertising, blockchain supply attacks, phishing attacks, SimSwap attacks... with the aim of gaining illegal profits, causing significant losses to customers. user. Notably, Scam Sniffer security unit recently said it discovered for the first time "Wallet Drainers" appearing on Google search results and X ads (old Twitter). During the past 9 months, this new form of malware has caused more than 63,000 people to become victims of property attacks with total losses of up to 58 million USD. From March 2023 until now, Scam Sniffer confirmed that they have tracked about 10,072 scam websites, combining on-chain data analysis to discover that this method has stolen 58.98 million USD from 63,210 wallet addresses. user. To validate its tracking process, this security unit also coordinated with SlowMist and on-chain detective ZachXBT to jointly investigate more websites with this "Wallet Drainers" malicious code. The results were countless fake crypto project websites with malicious code running ads, including: zapper, lido, stargate, defillama, orbiter finance, radiant. There are even scam ads shown on X (Twitter) called "Ordinals Bubbles". Analyzing further, Scam Sniffer found that these impersonated websites used a variety of different methods to bypass Google and X's advertising censorship system. A commonly used method is the "redirect phishing" technique to make these impersonating websites appear more "reputable". For example: Hackers will make website ads appear at the top of search results and be displayed with the official visit address, but when users click visit they will immediately be redirected to the fake website. name! It is worth mentioning that the source code for setting up and management tool "Wallet Drainers" is openly sold by attackers on forums and programmer groups. Unlike other management tools, the "Wallet Drainers" software, in addition to the selling price, will also charge an additional 20% installation fee. In addition, if users have higher setup needs such as creating fake signatures on Web3 wallet-connected browsers will have to pay extra. It can be seen that impersonation ads have become a "doorway" for scammers to easily reach a large number of victims. They can choose specific targets and launch phishing campaigns using tools that run ads on Google and X continuously at very low costs, but earn profits of up to tens of millions of dollars. In November 2023 alone, crypto attacks "stolen" $340 million in user assets on DeFi platforms #TDR_now #TDR_info #TDR

@NguynNg18258388 This is an interesting project, I look forward to seeing its progress.

@ivantung_91 Wishing you all a lucky, joyful, and happy day ahead! Let's get ready to celebrate New Year's Eve together tomorrow evening. Enjoy the last day today, everyone!

@callme_Chari Who wants to tell him that he's completely missing the bigger picture here?

He really believes the governor of Texas is causing chaos in our country and not the Biden administration's open border policies. Who wants to tell him?

@GiauNgoUSA As an accountant, I don't have any Pi in my hands, but I do have some financial advice for you!

Pi cua PI nè! Các co chu ! Các co chu co pi trong tay chưa nè?! ..💜💜💜💜💜