Ledger hardware wallet user addressed by the latest phishing campaign

18. Juni 2021

Sophie Müller

Artikel als PDF

Kommentare

Diesen Artikel teilen:

Loading =

fraudsters started another campaign to steal crypto from Ledger-Hardware Wallet users whose data was disclosed in the data breakdown in 2020.
users receive a fake ledger hardware wallet and a letter that proves to replace their existing hardware wallets to secure their money.

In June 2020, an unauthorized third over an API key accessed Ledger's e-commerce and marketing database. According to the company, 1 Million email addresses of its customers were disclosed. Another investigation showed that a sub-group of 9,500 Ledger hardware wallet users was affected. Some of the open data include first names, last names, telephone numbers, ordered products and postal addresses.

In December 2020, data from 272,853 people who bought a Ledger Hardware Wallet were published in a hacking forum called Raidforums. Since then, the affected users have received a number of fake emails with harmful links that are supposed to steal their 24-word recovery phrases.

The latest campaign for ledger users and confirmed by the company is the shipping of fake ledger devices to users to steal their cryptos. These devices are contained in an authentic-looking packaging with an Ledger logo. The box is packed as if it had never been opened, and contains a manipulated ledger letter bag and a fake letter. The letter indicates customers or users to replace their existing hardware wallets to secure their money.

The fraudsters, citing a hack of 2020 https://t.co/ttjspuzxh1 pic.twitter.com/5dytohpzyz

-ico-drops (@icodrops) 18. June 2021

A flash-drive implant was connected to the circuit board, which contains a file with a fake ledger live app. The nano box contains an instruction that calls users to connect the device to your computer. It then asks you to open a drive and carry out the fake Ledger Live app.

Now the trick

Users are asked to enter their 24-word recovery phrase into the fake Ledger live app to initialize the device. The fraudsters are given access to the phrase and use them to generate private keys, import the wallet and access the stored crypto.

A Ledger Nano is not a USB device. It does not contain any application to download and install on your computer. The only way to download the Ledger live app is to use the official download page.

A comparison of the circuit board of the fake and the real ledger shows that the former has been modified. A security researcher and insulting expert for USB cables or implants, Mike Grover, confirmed Bleeping computer that a flash drive is attached to the main register to serve as a malware delivery. , the fake ledger could be a "standard mini flash drive removed from the housing". However, it is difficult to assess whether it is only a storage device, since all components are on the other side.

be suspicious if you receive a free ledger hardware wallet

An update on the Ledger website shows that the phishing campaign has been running since December 2020. The users were initially tempted to download a fake Ledger Live app, with the claim that the website was violated. In January 2021, users were asked to click on a malignant link to confirm whether they tried to connect to their device. The fraudsters have constantly updated their techniques for stealing cryptos of users.

Matt Johnson, Chief Information Security Officer from Ledger, said that the company has aware of the current campaign and added it to its list of ongoing malignant campaigns on its website.

You should be suspicious if you receive a free product by post that you have not ordered and check the official channels from Ledger or contact the Ledger support team.

Source: Crypto-news-flash.com