Ledger Exploit Exposes DeFi Vulnerabilities and Raises Concerns in Crypto Community

Hackers exploited a malicious code inserted into the Github library for Ledger's Connect Kit, a widely-used blockchain software, stealing $484,000 and impacting several major decentralized finance (DeFi) protocols. Ledger confirmed that an employee was targeted in a phishing attack, resulting in the publication of the malicious code. Users have been warned to avoid using dApps until the protocols are updated. While Ledger has removed the malicious version, every protocol using Connect Kit must manually update their library to mitigate the risk. The hack highlights the vulnerability of decentralized applications and the potential points of failure in the supply chain.