Ledger users lose another 60 BTC to a fake data leak

Unknown attackers continue to rob Ledger hardware-wallet users through a phishing campaign. This time they are offering to update the wallet following an alleged leak of personal data of 115,000 customers. ForkLog said this was reported by a user.

Posing as Ledger chief executive Pascal Gauthier, the hackers claimed that ‘on December 8, security researchers recorded unauthorized third-party access to one of Ledger Live’s internal servers’.

The data breach allegedly affected confidential data of about 115,000 customers, including personal information, private and public keys, and the amount of cryptocurrency stored in the wallet.

An example of a phishing email from the attackers.

‘If you have received this email, you have been affected by the leak. To ensure your assets are safe, install the latest Ledger Live version and follow the instructions to create a new wallet PIN,’ the letter says.

The hackers tailor their operation to the current agenda. On December 8, Ledger Support’s Twitter account did indeed announce the release of a fresh Ledger Live update.

Ledger Live v2.18.0 is out

It brings a rework to our value system and adds some new fiat options

You can also use your own #BTC full node! Keep in mind it’s currently an Experimental Feature

⚠️This update is available within Ledger Live, never click on any email links for it⚠️

— Ledger Support (@Ledger_Support) December 8, 2020

ForkLog has found a new, previously unpublished attacker address. According to blockchain.com, the address was first used on November 29. On December 4, it received 42 BTC in a single transaction.

As of writing, the address holds 60.19 BTC. The last report on it was made on December 11.

ForkLog urges Ledger wallet owners to stay vigilant, not to follow external links, and to verify the information with the company’s official channels.

In late October, Ledger hardware-wallet users have faced a mass phishing attack. The hackers send them emails asking to install an emergency update, through which they gain access to the cryptocurrency.

Earlier victims linked the attack to the July data breach of about a million users from the marketing database. However the wallet developers did not confirm this assumption.

In early November, the stolen funds moved. The hackers transferred 1.15 million XRP in five payments to an address on the Bittrex exchange and sent 107 BTC to two Bitcoin wallets. Later, 51 BTC from this amount ended up on the Binance exchange.

Subscribe to ForkLog’s Telegram updates: ForkLog Feed — the full news feed, ForkLog — the most important news and polls.