Hardware wallet provider Ledger has announced its intention to reimburse victims for the approximately $600,000 in assets lost due to the recent ConnectKit exploit.
In a December 20 statement on X (formerly Twitter), the firm assured that the lost assets would be reimbursed before the end of February 2024.
We are 100% focused on following up to last week’s security incident, making sure incidents like this are prevented in the future, and that the ecosystem remains safe.
We are aware of approximately $600k in assets impacted, stolen from users blind signing on EVM DApps.
Ledger…
— Ledger (@Ledger) December 20, 2023
The crypto waller manufacturer also revealed it has reached out to the impacted victims and is actively working through all recovery specifics to ensure a seamless payment process.
Meanwhile, users who signed transactions on all exploited decentralized applications (dApps) connected to ConnectKit are advised to revoke all authorized transactions to minimize potential risks associated with the breach.
On December 14, cryptonews reported that the user interfaces of several dApps utilizing Ledger’s ConnectKit, including Zapper, SushiSwap, Phantom, Balancer, and Revoke.cash, were compromised.
Read more on cryptonews.com