Although Ledger has updated its own code, Ido Ben-Natan, the CEO of blockchain security firm Blockaid told CoinDesk in a Telegram message that “many websites are still affected and users are getting hit.” For the risk to be completely mitigated, every protocol using Ledger’s Connect Kit has to manually update their version of the library. In the meantime, several protocols remain at risk, specifically revoke.cash, which is a service that is used to remove permissions from DeFi protocols.
Ledger Exploit Drained $484K, Upended DeFi; Former Staffer Linked to Malicious Code
