The R Roundup
Posts
The R Roundup : Ledger Library $400k+ Exploit🚫 - Issue #119

The R Roundup : Ledger Library $400k+ Exploit🚫 - Issue #119

Issue #119 : Web 3 News Headlines Of The Week

The R Roundup.sol
December 17, 2023

The R Roundup : Ledger Library $400k+ Exploit🚫 - Issue #119

Tether, the company overseeing the stablecoin USDT, has taken action by freezing the wallet address of an attacker responsible for siphoning funds from multiple protocols.

Paolo Ardoino, Tether's CTO, announced the freeze on X, specifying that the address had received approximately $483,000 in various assets, including $44,000 in USDT, and had interacted with the AngelDrainer phishing group, transferring 4.334 ETH to their wallets.

This move effectively prevents the wallet from sending any USDT to other addresses while allowing other transactions to proceed. The incident stemmed from the exploitation of Ledger's ConnectKit library, impacting the wallets of unsuspecting victims. Consequently, several DeFi protocol front-ends, like Kyber and RevokeCash, disabled their interfaces, with Sushi Swap's CTO advising users to avoid all dApps for safety.

Addressing the issue, Ledger swiftly released a patch—version 1.1.8 of the Ledger Connect Kit—to rectify the situation. They disclosed that a former employee had fallen victim to a phishing attack, enabling the hacker to manipulate the Connect Kit code, and funneling funds to an unauthorized wallet.

UPDATE: The genuine Ledger Connect Kit 1.1.8 is now fully propagated. Ledger and WalletConnect can confirm that the malicious code was deactivated. You are now safe to use your Ledger Connect Kit. Reminder that that we always encourage clear signing. twitter.com/i/web/status/1…
— Ledger (@Ledger)
6:45 PM • Dec 14, 2023

The malicious code persisted for roughly five hours, yet Ledger estimates that the actual fund drain occurred within a limited two-hour timeframe. They expressed gratitude to various entities, including WalletConnect, Tether, Chainalysis, and ZachXBT, for their collaborative efforts in resolving the issue promptly.

Chainlink Data Feeds On Polygon's zkEVM 🌐

The integration of Chainlink's data feeds into Polygon's zkEVM presents a pivotal opportunity for developers working within Polygon's layer 2 zero-knowledge rollup.

Chainlink, renowned for its blockchain data-oracle capabilities, has extended its data feeds to facilitate integration for these developers.

These data feeds play a crucial role by bridging smart contracts to real-world information encompassing asset prices, reserve balances, NFT floor prices, and L2 sequencer health.

By leveraging Chainlink's data feeds, developers on Polygon's zkEVM gain the ability to embed this real-time data directly into their on-chain applications. This integration promises to be particularly valuable for various applications such as liquidity protocols and decentralized exchanges operating within the Polygon ecosystem.

DeFi is financial inclusion
DeFi is 10x long with your friends
DeFi is bear market building
DeFi is a fear of @functi0nZer0
DeFi is zk
DeFi is on Polygon with @chainlink
go.polygon.technology/41nkAPa
— Polygon (Labs) (@0xPolygonLabs)
7:04 PM • Dec 14, 2023

Marc Borion, CEO of Polygon Labs, highlighted the significance of this functionality, noting its potential to unlock the deployment of significant DeFi protocols on Polygon's zkEVM in the early months of the upcoming year. This collaboration stands poised to enhance the capabilities and scope of decentralized finance on Polygon's blockchain infrastructure.

Stop Missing Crypto News Anon 🚨👋

We know the market is starting to look even more interesting than ever however…DON’T IGNORE THE NEWS📰

Get your FREE fix of frequent accurate, user-focused & rapid news from RR 👇

Subscribe | The R Roundup

The R Roundup is a news platform inspired to deliver unbiased news and authentic education.

www.therroundup.com/subscribe

Red Bull F1 Team NFTs 🏎️

The Red Bull Formula 1 team has announced the launch of NFTs commemorating their triumphant 2023 season, where drivers Max Verstappen and Sergio Pérez secured the top two positions, solidifying Red Bull's status as the leading team.

These non-fungible tokens (NFTs) will be minted on Sui, a blockchain developed by Mysten Labs, and will showcase unique artwork crafted by Automobilist, a distinguished design studio renowned for its dedication to motorsport aesthetics.

This initiative serves as a means for the team to foster deeper connections and engagement with fans globally, utilizing Web3 technologies like NFTs as digital collectibles. It aligns with a broader trend within the sports industry, where significant leagues and players have delved into Web3, evident in ventures such as NBA Top Shot by Dapper Labs and Candy Digital's MLB NFTs.

This move by Red Bull signifies a shift in leveraging digital assets to engage fans and immortalize memorable sporting achievements in the realm of NFTs, reflecting the evolving landscape of sports memorabilia in the digital era.

SafeMoon Files For Chapter 7 Bankruptcy ⚖️

SafeMoon, a decentralized finance (DeFi) protocol, has filed for Chapter 7 bankruptcy protection subsequent to facing serious allegations of fraud and an unregistered offering of cryptocurrency securities by the U.S. Securities and Exchange Commission (SEC).

The bankruptcy petition, submitted to the United States Bankruptcy Court in Utah, discloses SafeMoon US LLC's estimated assets, ranging from $10 million to $50 million, contrasted with liabilities estimated between $100,001 to $500,000Shroomtoshi described the collection as a homage to Bitcoin's 13-year history, showcasing private keys, nods to Mt. Gox, anonymity, and more, possibly featuring iconic characters from franchises like Batman and Super Mario. Shroomtoshi remains anonymous, yet the BitcoinShrooms X account boasts 13,000 followers.

The SEC's charges against SafeMoon and its executives—specifically Kyle Nagy, John Karony, and Thomas Smith—accuse them of misleading investors about potential profits and misappropriating funds for personal use. Notably, Karony and Smith have been arrested, while Nagy remains at large. Allegedly, amidst SafeMoon's market capitalization surge beyond $8 billion, the accused diverted significant sums from purportedly 'locked' liquidity for their own gain.

Following these developments, the value of SafeMoon tokens plummeted by 14.4% within 24 hours, as reported by CoinGecko, indicating the significant impact of these legal challenges on the cryptocurrency's market performance.

A Week At RR📆

Check out this week’s content published to stay up to date with the latest research trends & crypto talking points👇

RRUPDATES📍: Inside The Ledger Connect Breach: Web 3 Apps Lose $484,000 In Sophisticated Attack😳

In a meticulously executed breach on December 14, the 'Ledger hacker' pilfered a minimum of $484,000 from various Web3 applications by manipulating users into unknowingly authorizing malicious token approvals, as reported by blockchain security platform Cyvers.

www.therroundup.com/p/rrupdates-inside-ledger-connect-breach-web-3-apps-lose-484000-sophisticated-attack

RR Files🗂️

Wondering what we are reading this week at RR?

Worry no further!’

We're basically seeing this meme IRL right now.
Imagine you're at a family dinner with your uncle (at the left) who works at Wall Street trading stocks.
You're the guy on the right and have just made $10m in $BONK starting from $16k.
— Route 2 FI (@Route2FI)
12:09 PM • Dec 15, 2023

Name: Mutant Mudder.
Performance: Not great.
Smell: Bad.
Owner: @karaholiday17.
— Bored Ape Yacht Club (@BoredApeYC)
9:54 PM • Dec 15, 2023

Created in the last 12 minutes
on solana
$2k marketcap
17 owners
anonymous devs
no socials
— CryptoCharles (@CryptoCharles__)
9:02 PM • Dec 15, 2023

Avalanche $AVAX has soared 300% in less than 3 months, but it’s just started.
I believe generational wealth is waiting to be found on this chain with their:
- Ecosystem
- Airdrops
- Memes
- Tech
Here’s how you find it (mega thread): 🧵👇
— hoeem (@crypthoem)
8:32 PM • Dec 15, 2023

Q: How hard are your balls?
A: I'm shorting $BONK
If you can with stand the 1-2 punch with 1. Funding rate and 2. power of left-curved uponly graph (and see your position get erased like your childhood dreams)
then you deserve the win king
— Garlam (@GarlamWON)
9:45 AM • Dec 15, 2023

What a patient and smart trader!
After 10 months of accumulation, this trader ushered in the surge of $BONK.
He/she sold 48B $BONK for 17,677 $SOL($1.36M) after #Binance announced the listing of $BONK.
And currently holds 274.4B $BONK($8.33M), the total profit exceeded $9M!
— Lookonchain (@lookonchain)
10:33 AM • Dec 15, 2023

BREAKING: The $BONK airdropped to each of the 75 devs who received a DVT-1 beta of the @solanamobile Saga Phone in January 2023 now worth over $4.2M
— Chris | Dialect 📟 (@aliquotchris)
1:48 PM • Dec 15, 2023

gonna let you guys in on a secret, watch the holder count on the lowcaps, how fast its increasing paired wif how active the meme is on socials is v good signal for future virality
— Ansem 🐂🀄️ (@blknoiz06)
5:04 AM • Dec 15, 2023

As a reminder, this is not a trading signal or investment advice; it is an opinion, and each trader/investor should know and understand the risks of trading cryptocurrencies.

This should not be regarded as financial advice; feel free to familiarise yourself with our NFA disclaimer.

Reply

or to participate.