Ledger promises to make victims whole after attack

Ledger will remove the ability to Blind Sign by June 2024


Artwork by Crystal Le


Ledger, in an update following last week’s attack, has promised to make users whole.

An attacker phished a former Ledger employee and was able to access the company’s package manager, where they uploaded a malicious code to ConnectKit. The attacker, according to Ledger, made off with $600,000.

“We commit, by any way possible, including gestures of goodwill, to make sure this is done by the end of February 2024. We are already in contact with many impacted users and are actively working through the specifics with them,” the company said in a post on X.

The company will make victims whole in the wake of the attack, and is working with law enforcement to track down the hacker and recover the funds. 

Read more: Ledger says attacker conducted phishing attack on former employee

“Ledger has engaged with authorities and is doing all we can to help as this investigation unfolds. Ledger will support affected users in helping to find this bad actor, bring them to justice, track the funds and work with law enforcement to help recover stolen assets from the hacker,” CEO Paul Gauthier said last week.

Following the attack, Tether froze the attacker’s address, which was also published to Chainalysis.

The attacker’s code was active for roughly five hours. Decentralized exchange SushiSwap alongside Revoke.cash warned that they were impacted. Ledger implemented a fix later the same day.

Additionally, the company plans to end blind signing by June 2024. When signing a transaction, “blind” refers to signing without the wallet offering full visibility or understanding of the transaction details.

In posts on X following the attack, the company pushed users to only use Clear Sign on their transactions.

“In the meantime, we’d like to remind the community to always Clear Sign your transactions — remember that the addresses and the information presented on your Ledger screen is the only genuine information,” Ledger said at the time.

“Our commitment is to work with the community and dapp ecosystem to allow Clear Signing so users can verify all transactions on Ledger devices before signing. This will lead to a new standard to protect users and encourage Clear Signing across dapps,” Ledger said Wednesday.

Ledger’s small display often requires paging through many — sometimes dozens — of screens showing encoded transaction details, which is why users often opted for blind signing.

The company warned that front-end attacks aren’t going away, so the “only foolproof countermeasure for this type of attack is to always verify what you consent to on your device…This is only possible with Clear Signing: meaning you can see and verify exactly what you sign on a secure display.”

Start your day with top crypto insights from David Canellis and Katherine Ross. Subscribe to the Empire newsletter.

Explore the growing intersection between crypto, macroeconomics, policy and finance with Ben Strack, Casey Wagner and Felix Jauvin. Subscribe to the On the Margin newsletter.

The Lightspeed newsletter is all things Solana, in your inbox, every day. Subscribe to daily Solana news from Jack Kubinec and Jeff Albus.


Upcoming Events

Salt Lake City, UT

MON - TUES, OCT. 7 - 8, 2023

Blockworks and Bankless in collaboration with buidlbox are excited to announce the second installment of the Permissionless Hackathon – taking place October 7-8 in Salt Lake City, Utah. We’ve partnered with buidlbox to bring together the brightest minds in crypto for […]

Salt Lake City, UT

WED - FRI, OCTOBER 9 - 11, 2024

Pack your bags, anon — we’re heading west! Join us in the beautiful Salt Lake City for the third installment of Permissionless. Come for the alpha, stay for the fresh air. Permissionless III promises unforgettable panels, killer networking opportunities, and mountains […]

recent research

Unlocked by Template.png


With the spot ETH ETF approval, the institutions are coming. stETH - given its dominance in marketshare, existing liquid market structures, and highly desirable properties - is poised for institutions.


Plus, the rise of RWAs could bring about a significant shift in how real-world investments are managed and accessed


The distributed cell plan provider started selling its own hotspots in October 2023


The Brazil-based asset manager’s filing comes during a year of milestone bitcoin and ether fund approvals


The purchase of five sites in Georgia set to help CleanSpark hit its mid-year operating hash rate target of 20 EH/s


Plus, it’s beginning to look like we may be in for a cruel summer



Engaging with XDC provides access to cutting-edge financial tools and places investors at the forefront of the trade finance revolution