Ledger hacker moves $150,000 worth of assets even as Tether freezes exploiter’s address



  • Tether CEO Paolo Ardoino announced that Tether had frozen the address of the Ledger exploiter.
  • The address held about $400,000 worth of assets, including 44,000 USDT and a host of altcoins.
  • After the blacklisting of the address became public, nearly $160,000 worth of transfers were made.

Ledger just witnessed one of the largest exploits on its platform this year, albeit not the biggest. As the hack affected multiple decentralized applications, it sparked a reaction from the entire crypto space. This included the CEO of Tether. USDT, the stablecoin issued by Tether, became the largest exploited asset.

Tether CEO takes action against Ledger exploiter

Tether CEO Paolo Ardoino took to X, formerly Twitter, to announce that the stablecoin issuer had frozen the address of the Ledger exploiter. Over the past five hours, the hacker went after Ledger by injecting malicious code that compromised the Ledger connector as well as various applications, and has since been transferring the stolen assets out of the wallet.

According to blockchain analysis platform Arkham Intelligence, the hacker’s address, which has now been blacklisted, held about $400,000 worth of assets, but its balance has since fallen to $253,000.

In the past hour, multiple large transactions have taken place, showing an outflow of about $150,000 worth of assets. The two biggest transactions noted were outflows of stETH and USDC, worth $80,000 and $60,000, respectively.

Ledger hacker address outflow

The hacker presently cannot process the 44,000 USDT sitting in the address since Tether froze it. While this was appreciated by the community, it also sparked a debate about how centralized Tether really is. Many mocked the decentralization aspect of the company since it managed to take control of the assets in mere hours.

Ledger takes back control 

At the time of writing, the issue had been resolved as Ledger patched the vulnerability that allowed the exploit. Ledger further stated,

“We have identified and removed a malicious version of the Ledger Connect Kit.

A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves. 

Your Ledger device and Ledger Live were not compromised.”

The hardware wallet producer also confirmed that a comprehensive report concerning the entire incident will soon be released. Whether the amount lost during the exploit will be recovered remains uncertain.