The organizers of the phishing attack against Ledger hardware-wallet users moved 51 BTC to the Binance exchange. This was reported by the Telegram channel Goldfoundinshit TM.
Funds from one of the hacker wallets arrived at the trading platform directly, without using mixers.
According to Goldfoundinshit TM, the attackers registered several accounts on Binance and sent no more than 2 BTC to each of them, in order not to exceed the verification threshold.
“The phishers used several iterations from the main wallet. They sent a small amount directly to the deposit address, and the main amount later,” wrote the Telegram channel.
According to the Crypto AML Telegram bot, the original hacker wallet poses a 100% risk and contains stolen coins. The risk for the other attacker addresses is also above 50%.
Source: Telegram channel Goldfoundinshit TM.
Update: Binance representatives told ForkLog that for AML and blockchain analytics the exchange uses professional products, not random Telegram bots.
“Bots, such as Whale Alert and similar services, often mislabel addresses as belonging to Binance,” they noted.
Back in October, Ledger users began receiving phishing emails that urged them to install an emergency update. In this way, the hackers gained access to the cryptocurrency.
The victims linked the attack to the July breach of data on about a million users from a marketing database. However, the wallet developers said they have not yet been able to confirm this hypothesis.
In early November, the stolen funds moved. The hackers sent 107 BTC to two Bitcoin wallets and transferred 1.15 million XRP in five payments to the Bittrex exchange address.
