In response to a security breach last week that resulted in the theft of $600,000 of user assets, hardware wallet manufacturer Ledger have pledged to remove Blind Signing – where transactions are displayed in code, rather than plain language – by June 2024.
In a statement, Ledger also announced its commitment to “work with the community and DApp ecosystem” to further the adoption of Clear Signing – where transactions are displayed in plain language – wherever possible, in an effort to enhance security and protect end users.
The company has stated it will compensate affected victims of the security breach by the end of February 2024.
We are 100% focused on following up to last week’s security incident, making sure incidents like this are prevented in the future, and that the ecosystem remains safe.
We are aware of approximately $600k in assets impacted, stolen from users blind signing on EVM DApps.
Ledger…
— Ledger (@Ledger) December 20, 2023
Ledger CEO Makes Personal Commitment
On X, Ledger’s CEO & Chairman Pascal Gauthier made a personal commitment that users affected by the security breach, including those who are not Ledger customers, will be assisted in helping to recover their assets. As confirmed by Ledger on X, the commitment extends to resolving the matter, including gestures of goodwill, by the end of February 2024.
The company is already in communication with impacted users, actively working through the specifics of compensation.
Users who signed transactions on affected DApps on December 14 are advised to revoke any authorized transactions as a security measure against potential fallout from the security breach.
My personal commitment: Ledger will dedicate as much internal and external resources as possible to help the affected individuals recover their assets.
— Pascal Gauthier @Ledger (@_pgauthier) December 14, 2023
A detailed incident report, outlining the cause of the hack and the response from Ledger’s security team, is now available on Ledger’s tech and security blog. Despite the breach, Ledger has emphasized that Ledger devices and the Ledger Live service remain secure and were not compromised by the exploit.
Want more? Connect with NFT Plazas
Join the Weekly Newsletter
Join our Discord
Follow us on Twitter
Like us on Facebook
Follow us on Instagram
*All investment/financial opinions expressed by NFT Plazas are from the personal research and experience of our site moderators and are intended as educational material only. Individuals are required to fully research any product prior to making any kind of investment.
COO of NFT Plazas. Bullish on web3. Competitive soul.
nftplazas.com