Ledger promises to make victims whole after attack

Ledger will remove the ability to Blind Sign by June 2024

article-image

Artwork by Crystal Le

share

Ledger, in an update following last week’s attack, has promised to make users whole.

An attacker phished a former Ledger employee and was able to access the company’s package manager, where they uploaded a malicious code to ConnectKit. The attacker, according to Ledger, made off with $600,000.

“We commit, by any way possible, including gestures of goodwill, to make sure this is done by the end of February 2024. We are already in contact with many impacted users and are actively working through the specifics with them,” the company said in a post on X.

The company will make victims whole in the wake of the attack, and is working with law enforcement to track down the hacker and recover the funds. 

Read more: Ledger says attacker conducted phishing attack on former employee

“Ledger has engaged with authorities and is doing all we can to help as this investigation unfolds. Ledger will support affected users in helping to find this bad actor, bring them to justice, track the funds and work with law enforcement to help recover stolen assets from the hacker,” CEO Paul Gauthier said last week.

Following the attack, Tether froze the attacker’s address, which was also published to Chainalysis.

The attacker’s code was active for roughly five hours. Decentralized exchange SushiSwap alongside Revoke.cash warned that they were impacted. Ledger implemented a fix later the same day.

Additionally, the company plans to end blind signing by June 2024. When signing a transaction, “blind” refers to signing without the wallet offering full visibility or understanding of the transaction details.

In posts on X following the attack, the company pushed users to only use Clear Sign on their transactions.

“In the meantime, we’d like to remind the community to always Clear Sign your transactions — remember that the addresses and the information presented on your Ledger screen is the only genuine information,” Ledger said at the time.

“Our commitment is to work with the community and dapp ecosystem to allow Clear Signing so users can verify all transactions on Ledger devices before signing. This will lead to a new standard to protect users and encourage Clear Signing across dapps,” Ledger said Wednesday.

Ledger’s small display often requires paging through many — sometimes dozens — of screens showing encoded transaction details, which is why users often opted for blind signing.

The company warned that front-end attacks aren’t going away, so the “only foolproof countermeasure for this type of attack is to always verify what you consent to on your device…This is only possible with Clear Signing: meaning you can see and verify exactly what you sign on a secure display.”


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Research Report Templates.png

Research

Pipe Network is a decentralized content delivery network (dCDN) that replaces the sparse, capital intensive data center footprint of traditional CDNs with a permissionless mesh of independent node operators. By orchestrating under-utilized resources that already exist at the edge, rather than purchasing or leasing thousands of servers, Pipe slashes capital intensity while letting supply expand autonomously in the places where bandwidth is scarcest and most expensive.

article-image

Fiscal dominance isn’t about interest rates and it isn’t about Trump, either

article-image

Firestarter Storage brings decentralized storage and delivery to Solana

article-image

After lengthy closing arguments on Wednesday, the case is now in the hands of 12 jurors

article-image

Analysts cite weak trading volume and regulatory progress as factors

article-image

Builders weigh in on Ethereum’s first decade and the decisions that will define its next one

article-image

Closing arguments set to kick off Wednesday after Tuesday’s testimony from two expert witnesses and an a16z partner