Ledger: 9500 victims of phishing attack
Ledger: 9500 victims of phishing attack

Ledger: 9500 victims of phishing attack

By Alfredo de Candia - 11 Nov 2020

Chevron down

Many people in recent weeks have received a text message from Ledger but it was a phishing attack.

In the messages, the criminals used the name of the famous company behind the famous hardware wallet inviting users to update the device by following the link provided.

Following the incident, Kraken carried out an in-depth analysis, and a few days ago they released a report in which all the details and methodology of the attack involving thousands of users can be understood.

This is not a firmware vulnerability, as it happened in the past, but a phishing attack, which consists in retrieving users’ private information to trick them into giving up their private keys, seed and more.

The phishing attack against Ledger users

The story started from one or more data breaches that the Ledger company suffered when thousands of data ended up in the hands of criminals. We are also talking about phone numbers, since some users have received an SMS directly on their number.

9500 users were affected by this phishing attack.

In the case of e-mail communication, the address didn’t raise even the slightest suspicion, seeing that “[email protected]” seemed legitimate because most crypto platforms use that type of extension.

Within the message, there was also a button inviting the user to click to update the device to the latest version, which took the victim to a perfectly cloned site where the user would download the desktop update containing malware.

Once the update process had started, the malware would ask the victim to enter the recovery phrase, and once it had been entered, it would reach the criminals who could then drain the victim’s funds.

Ledger obviously did not stand by and immediately acted to warn users of the incident and the attack that was going on.

As many as 42 websites that could mislead the users were thus blacked out, while a legal procedure was opened by the police in order to trace the criminals.


Alfredo de Candia

Android developer for over 8 years with a dozen of developed apps, Alfredo at age 21 has climbed Mount Fuji following the saying: "He who climbs Mount Fuji once in his life is a wise man, who climbs him twice is a Crazy". Among his app we find a Japanese database, a spam and virus database, the most complete database on Anime and Manga series birthdays and a shitcoin database. Sunday Miner, Alfredo has a passion for crypto and is a fan of EOS.

We use cookies to make sure you can have the best experience on our site. If you continue to use this site we will assume that you are happy with it.