Revoke.cash logo

Ledger Connect Kit Hack

Check if your address is affected.

14 Dec 2023
$610k stolen
Ethereum Logo
BNB Chain Logo
Polygon Logo
Base Logo
Arbitrum Logo
Optimism Logo
Avalanche Logo
Fantom (Unsupported) Logo

Over $600k has been stolen from users of many different crypto websites, including SushiSwap and Revoke.cash. This hack is a result of a vulnerability in the Ledger Connect Kit library, which is used by many crypto websites to connect to Ledger hardware wallets. The vulnerable library allowed hackers to inject a malicious script into these popular crypto websites. Many websites, like SushiSwap and Revoke.cash were quick to take their websites offline and remove the affected library. Most big websites were able to remove the library within a few hours, but some websites took longer to mitigate the issue. Because it is not known how many websites were affected, we recommend to check if you're affected by this hack if you used any crypto websites on the 14th of December 2023.

Affected users remain at risk as long as they haven't revoked their approvals, so it is recommended to use the Revoke.cash Exploit Checker below to make sure that you're safe.

Next time, revoke it automatically

Revoke Ultimate monitors your approvals around the clock and revokes them automatically when an exploit like this one is identified, even while you sleep.

See how Auto-Revoking works
Get Ultimate
Back to Exploits