Ledger: Malicious code has been disabled, and users can safely use the Ledger Connect Kit

ChainCatcher message, Ledger stated on social media that the official Ledger Connect Kit version 1.1.8 has now been pushed. Ledger and WalletConnect confirmed that the malicious code has been disabled. Users can safely use the Ledger Connect Kit, but it is recommended that users wait 24 hours and clear their browser cache.

Previously, hackers exploited a vulnerability in the Ledger Connect Kit to steal approximately $484,000 in assets.

Slow Mist founder Yu Sen emphasized that the Ledger wallet itself was not affected; the affected parties are some DApps that rely on the Ledger module.