Ledger Connect Kit, software from the Paris-based business Ledger, was compromised through a phishing attempt that targeted a former worker.
The hacker released malicious code that, during transactions made through decentralised applications (dapps) using the compromised software, routed user funds to the hacker's own wallet.
Source: https://www.databreaches.net/crypto-wallet-maker-ledger-to-reimburse-hack-victims/
TPRM report: https://scoringcyber.rankiteo.com/company/ledgerhq
"id": "led743221223",
"linkid": "ledgerhq",
"type": "Breach",
"date": "12/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Technology',
'location': 'Paris',
'name': 'Ledger',
'type': 'Business'}],
'attack_vector': 'Phishing',
'description': 'The Ledger Connect Kit software of the Paris-based business '
'was compromised by a phishing attempt targeting a former '
'worker. During transactions using decentralised applications, '
'or dapps, that utilised the compromised software, the hacker '
'released malicious code that routed user funds to their own '
'wallet.',
'impact': {'systems_affected': ['Ledger Connect Kit Software']},
'initial_access_broker': {'entry_point': 'Phishing email targeting former '
'worker'},
'motivation': 'Financial gain',
'post_incident_analysis': {'root_causes': 'Phishing attack on former worker'},
'threat_actor': 'Unknown hacker',
'title': 'Phishing Attack on Ledger Connect Kit Software',
'type': 'Phishing Attack',
'vulnerability_exploited': 'Compromised software via phishing'}