bitcoin
Bitcoin (BTC) $ 52,135.97
ethereum
Ethereum (ETH) $ 2,994.72
tether
Tether (USDT) $ 1.00
bnb
BNB (BNB) $ 354.49
solana
Solana (SOL) $ 107.81
xrp
XRP (XRP) $ 0.564780
staked-ether
Lido Staked Ether (STETH) $ 2,990.90
usd-coin
USDC (USDC) $ 1.00
cardano
Cardano (ADA) $ 0.624597
avalanche-2
Avalanche (AVAX) $ 38.31
dogecoin
Dogecoin (DOGE) $ 0.085615
tron
TRON (TRX) $ 0.138956
chainlink
Chainlink (LINK) $ 19.38
polkadot
Polkadot (DOT) $ 7.70
matic-network
Polygon (MATIC) $ 1.02
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 52,202.99
the-open-network
Toncoin (TON) $ 2.22
internet-computer
Internet Computer (ICP) $ 13.69
shiba-inu
Shiba Inu (SHIB) $ 0.000010
uniswap
Uniswap (UNI) $ 7.54
bitcoin-cash
Bitcoin Cash (BCH) $ 264.17
litecoin
Litecoin (LTC) $ 69.55
dai
Dai (DAI) $ 1.00
immutable-x
Immutable (IMX) $ 3.49
kaspa
Kaspa (KAS) $ 0.180181
leo-token
LEO Token (LEO) $ 4.31
cosmos
Cosmos Hub (ATOM) $ 10.31
optimism
Optimism (OP) $ 4.09
blockstack
Stacks (STX) $ 2.71
filecoin
Filecoin (FIL) $ 7.64
bittensor
Bittensor (TAO) $ 626.90
ethereum-classic
Ethereum Classic (ETC) $ 26.93
hedera-hashgraph
Hedera (HBAR) $ 0.109957
near
NEAR Protocol (NEAR) $ 3.38
aptos
Aptos (APT) $ 9.56
stellar
Stellar (XLM) $ 0.117355
vechain
VeChain (VET) $ 0.044240
injective-protocol
Injective (INJ) $ 36.41
okb
OKB (OKB) $ 50.89
celestia
Celestia (TIA) $ 17.90
lido-dao
Lido DAO (LDO) $ 3.21
first-digital-usd
First Digital USD (FDUSD) $ 0.998518
arbitrum
Arbitrum (ARB) $ 1.97
mantle
Mantle (MNT) $ 0.765315
crypto-com-chain
Cronos (CRO) $ 0.091103
sei-network
Sei (SEI) $ 0.930603
render-token
Render (RNDR) $ 6.19
the-graph
The Graph (GRT) $ 0.240764
monero
Monero (XMR) $ 122.33
sui
Sui (SUI) $ 1.71

Ledger vulnerability put entire DApp ecosystem at risk: Finance Redefined

0

Welcome to Finance Redefined, your weekly dose of essential decentralized finance (DeFi) insights — a newsletter crafted to bring you the most significant developments from the past week.

The past week in DeFi saw an unprecedented chain of events unfold on Dec. 14 when a malicious actor exploited a vulnerability in the Ledger hardware wallet’s connector library. The exploit put the entire decentralized application (DApp) ecosystem at risk. On-chain analysts and DApps like SushiSwap and MetaMask advised users not to interact with their wallets at all.

Ledger released a patch within hours to contain the vulnerability, but the exploiter drained over $650,000 in assets from multiple victims. However, considering the number of wallets and DApps at risk, the drained amount was considerably lower than it could have been.

How the Ledger Connect hacker tricked users into making malicious approvals

The “Ledger hacker,” who siphoned at least $484,000 from multiple Web3 apps on Dec. 14, did so by tricking Web3 users into making malicious token approvals, according to the team behind blockchain security platform Cyvers.

According to public statements made by multiple parties involved, the hack occurred on the morning of Dec. 14. The attacker used a phishing exploit to compromise the computer of a former Ledger employee, gaining access to the employee’s node package manager javascript account.

Continue reading

Ledger patches vulnerability after multiple DApps using connector library were compromised

The front end of multiple decentralized applications (DApps) using Ledger’s connector, including Zapper, SushiSwap, Phantom, Balancer and Revoke.cash were compromised on Dec. 14. Nearly three hours after the security breach was discovered, Ledger reported that the malicious version of the file had been replaced with its genuine version around 1:35 pm UTC.

Ledger is warning users “to always Clear Sign” transactions, adding that the addresses and the information presented on the Ledger screen are the only genuine information. “If there’s a difference between the screen shown on your Ledger device and your computer/phone screen, stop that transaction immediately.”

Continue reading

Yearn.finance pleads with arb traders to return funds after $1.4 million multisig mishap

Decentralized finance protocol Yearn.finance is hoping arbitrage traders will return $1.4 million in funds after a multisignature scripting error drained a large amount of the protocol’s treasury.

“A faulty multisig script caused Yearn’s entire treasury balance of 3,794,894 lp-yCRVv2 tokens to be swapped,” according to a Dec. 11 GitHub post by Yearn contributor “dudesahn.”

Continue reading

OKX DEX suffers $2.7 million exploit after proxy admin contract upgrade

OKX decentralized exchange (DEX) suffered a $2.7 million hack on Dec. 13 after the private key of the proxy admin owner was reported to have been leaked.

On Dec. 13, the blockchain security firm SlowMist Zone posted on X (formerly Twitter) that OKX DEX “encountered an issue.” According to the report, the issue began on Dec. 12, 2023, at approximately 10:23 pm UTC after the proxy admin owner upgraded the DEX proxy contract to a new implementation contract, and the user began to steal tokens.

Continue reading

DeFi market overview

Data from Cointelegraph Markets Pro and TradingView shows that DeFi’s top 100 tokens by market capitalization had a bullish week, with most trading in the green on the weekly charts. The total value locked into DeFi protocols remained above $60 billion.

Thanks for reading our summary of this week’s most impactful DeFi developments. Join us next Friday for more stories, insights and education regarding this dynamically advancing space.

Source link

Leave A Reply

Your email address will not be published.

Shares