Bit Jungle: 60 million will be invested to build a hardware wallet that will never lose coins

The biggest security risk of wallets comes from the lack of security capabilities of wallet companies. It is very vulnerable to APT attacks and can easily be used as a weapon for supply chain attacks.

This security incident is that after Ledger was APT attacked, its self-developed ledger wallet connector (ledger-connect) was used as a supply chain attack tool, and continued to attack other blockchain applications and ecosystems that used the ledger wallet connector.

According to the security engineers of Bit Jungle, it was found that the npm 1.1.5 to 1.1.7 versions of the ledger are malicious changes, and all projects that use the ledger-connect library will be attacked. **

As of now, Ledger has updated its codebase to version 1.18 to remove malicious code.

Malicious Code Explained:

sushi.com and revoke.cash have malicious code, and it was found that the above-mentioned websites were loaded with the ledger wallet connector (ledger-connect) and were attacked by the supply chain.

The project is injected with the code “****” that can steal virtual currency

Why does this happen?

The root cause is that Ledger is at the top of the market, which makes it have huge attack value, but the security capabilities of Ledger itself are insufficient. In the face of this kind of APT attack, it is very vulnerable, and it is obvious that its entire system has been penetrated by the attack.

Secondly, the application scenarios of Ledger are very rich and complex, and the security protection of applications that use the Ledger wallet connector is also very weak, which in turn leads to further expansion of the attack surface and reduction of the difficulty of attack.

Therefore, the core problem at the bottom is that Ledger does not have security genes and cannot continue to empower the wallet with security, resulting in weak iterative upgrade capabilities of the wallet and unable to cope with the endless new attack scenarios. **

What genes should a good wallet company have?

First, the blockchain security gene can empower the wallet with targeted and in-depth security;

Second, financial genes, wallets are financial products, which need financial attributes to make everyone more willing to use them;

Third, wallets are hardware products, which involve capital and supply chain management, and the threshold is quite high.

Fourth, the user trust of the wallet requires at least 5 years of continuous operation and accumulation;

Fifth, we must have the original intention of never doing evil.

As a self-made fintech company with blockchain security at its core, we were born with this mission: to build a wallet that never loses coins!

As a result, Bit Jungle has decided to launch a hardware wallet business, which is scheduled to be officially launched in mid-2024. **Our initial funding target is $10 million to accelerate the growth and rollout of our hardware wallet business. **

Bit Jungle will redefine hardware wallets and bring the track back to security. We welcome potential investors to join us and work together to build a new era of secure and innovative digital asset storage!

Pictured is Eric, the founder of Bit Jungle 12/13/23 Prophecy Wallet Security Core Issues