Hackers launch mass phishing campaign impersonating Exodus, echoing Ledger

Wallet owners began receiving phishing messages demanding software updates due to an alleged vulnerability. Similar messages had previously been sent to Ledger users, in an attempt to steal their confidential information.

🚨ALERT🚨 scammers from @Ledger leak are trying to use others wallets/companies for the same scam @exodus_io be careful out there my family ❤️ #Ledgerhack #Ledger #BTC pic.twitter.com/aZZ394LioG

— Ending TheFed 🇩🇴 (@ThefedEnding) January 22, 2021

According to several Twitter users, the scammers acting on behalf of Exodus claimed that on January 18 a number of the company’s servers were allegedly infected with malware, resulting in data from almost 94,000 customers being compromised. To protect users’ assets, they asked them to update their seed phrase and wallet PIN.

Since the #Ledgerhack I also receive phishing e-mails referring to wallet providers I've never used or signed up, e.g. @exodus_io . It is the same text as in the phishing e-mails related to @Ledger pic.twitter.com/4rJn8eNjL8

— Hagbard (@_hundredeyes) January 21, 2021

As reported on June 25, 2020, data over a million Ledger users leaked online. An unknown party gained access to email addresses, names, phone numbers of users, as well as information about the products purchased and delivery addresses.

In late October, a user going by Polaris posted the database on the hacker forum exploit.in. User hyperdrill bought the data for 5 BTC.

On December 21, data were made publicly available through the Raidforums forum, where anyone could download them.

Last week Ledger Nano wallet owners began receiving threats from unknown attackers demanding a ransom of 0.3 BTC or 10 ETH. The letters contained the victim's full name and residential address, as well as threats of physical harm if the conditions were not met within 24 hours.

F**k sake!

This is my actual home address in the email.

I don’t even know what to say, but @Ledger you absolutely useless waste of space.

Stay safe everyone 🙏🏾 $VET #VeChain #VeFam #VTHO #VET #CryptoFam pic.twitter.com/T3gLuU7gsg

— Saleh Ahmed Ⓥ (@SalehAhmedd_) January 14, 2021

As of writing, the bitcoin- and Ethereum-wallets mentioned in the emails {{AOPEN_4}}are empty{{ACLOSE_4}}. Threats began the day after Ledger announced that data for another roughly 20,000 users had leaked through Shopify, and blamed the platform's support team.

The Ledger developers announced a reward of 10 BTC for help in locating the cybercriminals responsible for a string of attacks and data leaks.

Subscribe to ForkLog news on Twitter.