Cyber criminals have once again launched a phishing attack targeting users of the Ledger hardware wallet. Several users took to social media to detail the phishing attempts which they described as “very convincing.”
The attackers allegedly sent an email to Ledger users telling them that their wallets had been compromised in a security breach affecting thousands of users. They claimed that the attack happened on October 24 and that the Ledger security team isn’t able to assess the level of damage to the users.
“In order to protect your assets, please download the latest version of Ledger Live and follow the instructions to set up a new PIN to your wallet,” the email reads. It then directs the user to a download link on a fake website set up to steal the user’s credentials.
One Ledger user, web developer Andreas Tasch, detailed the phishing attack on Twitter.
— ndeet ∞/21M (@ndeet) October 25, 2020
In response, a Ledger spokesperson revealed that the company has started an internal investigation into the attack. Ledger has continued to experience phishing attempts that involve the criminals “trying to compromise Ledger’s integrity and customer information.”
The spokesperson added, “The investigation is ongoing and at this time we cannot give any additional information, but one thing is for certain, Ledger will never ask you for your 24-word recovery phrase, which is a blatant sign of a phishing scam.”
Ledger was the victim of a data breach in June 2020 in which hackers stole data of over 1 million users. As CoinGeek reported, the company claimed the hackers had accessed its e-commerce and marketing database through an API key. Ledger didn’t discover the breach until three weeks later when a security researcher participating in bounty program stumbled upon it.
The relation between the June data breach and the current phishing attack is unclear. On its part, Ledger refused to confirm whether the two are related. However, the customers are asking questions.
One wrote on Twitter, “I have never received any info that my data was compromised in July like you wrote. This means either the breach was bigger and more customers than expected were affected or there was a new breach. Which is it?”
While announcing the June data breach, Ledger claimed that all the customers affected by the breach had received an email.
See also: CoinGeek Live panel on the Future of Digital Asset Security & Custody
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.