Ledger users report mass phishing attack

Ledger hardware wallet users reported receiving phishing emails offering an urgent update.

Half-awake on a Sunday morning… I almost fell for this @Ledger scam email. Scams are getting more convincing. Always check Twitter before you take action on an email like this. A breach like this would be major news. pic.twitter.com/wucK2j9cNc

— Chris Blec (@ChrisBlec) October 25, 2020

In their letter, attackers claim that on October 24 Ledger’s team allegedly detected malware infection on Ledger Live servers affecting about 85,000 customers.

“Your address was among those affected by the breach. We believe there is a risk of theft of your cryptocurrency assets. To protect them, download the latest version of Ledger Live and follow the instructions to set a new PIN for your wallet,” the letter states.

User Chris Blec noted that he received the letter at the email address he used to purchase Ledger goods. He later linked the phishing campaign to the Ledger user data leak in the summer of 2020.

Other Ledger hardware wallet owners also received the messages:

This is actually the most professional phishing attempt I’ve seen which wasn’t really spearphishing, and actually fooled me (into zero cost response of investigating, not clicking). Congrats! pic.twitter.com/ke9ErC5yUk

— Ryan Lackey (@octal) October 25, 2020

@Ledger I have fishing emails.
Can you maybe track the IP address if they used a know email provider?
Maybe you can track them down?!

— Mr. Nobody 🇳🇱 (@MrNobod79977306) October 25, 2020

I received two extremely well crafted phishing emails this morning from what appeared to be https://t.co/Jaigrm6R9g. The download pointed to ledgersupport dot io server from which to download app, in Panama… @Ledger_Support
Is this related to the email leak in June? https://t.co/Out37DMv9s

— Philippe Tarbouriech (@phitar) October 25, 2020

@Ledger I have fishing emails.
Can you maybe track the IP address if they used a know email provider?
Maybe you can track them down?!

— Mr. Nobody 🇳🇱 (@MrNobod79977306) October 25, 2020

Earlier in July, unknown attackers gained access to a database containing email and postal addresses, names, phone numbers and information about products purchased from the company, through a vulnerability in Ledger’s API key.

Developers confirmed a data breach affecting around one million users, but assured that payments data, bank card information and cryptocurrency account details were not compromised.

Subscribe to ForkLog news on Telegram: ForkLog Feed — the full news feed, ForkLog — the most important news and polls.