Arab Press

بالشعب و للشعب
Thursday, Mar 28, 2024

Ledger Hack Victims Are Receiving fake Crypto Hardware Wallets

Ledger Hack Victims Are Receiving fake Crypto Hardware Wallets

A new hack is claiming victims following the the Ledger data breach of July 2020. The new scam involves sending convincing but fake hardware wallets to victims.

Bitcoin Magazine’s pseudonymous author ‘Namcios’ covered the recent scam, detailing how it was done step by step and the victims lured in. Here’s the story:

Victims of a hack of customer data held by bitcoin hardware wallet provider Ledger, which happened almost a year ago, are still apparently being targeted by scammers. Over 1 million victims of the hack had their details exposed, including their names, phone numbers and email addresses. And more than 200,000 people also had their home addresses breached.

Now, some of the victims appear to be receiving counterfeit hardware wallets through the mail. And a recent Reddit post indicates that the new scam attempt is quite sophisticated.

Reddit user u/jjrand, who self-identified as one of the victims of last year’s Ledger data breach, shared that they received a package that appeared to be from Ledger in the mail, even though they hadn’t ordered one. Although the device was wrapped in seemingly authentic packaging, the user could spot some telltale signs that hinted that it was a fake. The package also included a letter, supposedly from Ledger CEO Pascal Gauthier, though it was poorly written and filled with grammatical and spelling errors.

“As you know, Ledger was targeted by a cyberattack that led to a data breach in July 2020,” read the fake letter. “For this reason for security purposes, we have sent you a new device you must switch to a new device to stay safe. There is a manual inside your new box you can read that to learn how to set up your new device. For this reason, we have changed our device structure. We now guarantee that this kinda breach will never happen again.”

Also in the package was a Ledger Nano X box that seemingly contained a legitimate device. However, the Reddit user became suspicious and opened it, sharing pictures demonstrating that the machine was likely tampered with.

Security researcher Mike Grover analyzed the photos and explained to BleepingComputer how the attackers probably carried out their actions.

“This seems to be a simple flash drive strapped on to the Ledger with the purpose to be for some sort of malware delivery,” Grover told BleepingComputer in a chat about the photos. “All of the components are on the other side, so I can’t confirm if it is JUST a storage device, but…. judging by the very novice soldering work, it’s probably just an off-the-shelf mini flash drive removed from its casing.”

Grove also explained that “those four wires piggyback the same connections for the USB port of the Ledger.”

Previously, the attackers had sent out phishing emails to victims, prompting them to type in their recovery seeds — the 12 or 24 words used to derive one’s private keys, giving anyone who possesses it complete control of the victim’s funds. By tampering with the device, the attackers likely hoped to get their target to type their recovery words into the fake application, which would allow the bad actors to take control of the victim’s funds.

Therefore, this attack is severe since it could cause a victim to lose all of their funds. Ledger is already aware of this scam and warned users in a post in May.

“The fake user guide in the Nano’s box asks the user to connect the device to a computer,” the post stated. “To initialize the device, the user is then asked to enter his 24 words in a fake Ledger Live application. This is a scam. Do not connect the device to your computer and never share your 24 words. Ledger will never ask you to share your 24-word recovery phrase.”

It is unclear if Ledger has done any active work to educate its customers who saw their data exposed last year with dedicated emails or warnings, apart from the passive blog posts.

Needless to say, under no circumstance should you type your bitcoin wallet seed phrase on any keyboard, take photos of it or have any internet-connected device know about it. The only safe place to store, write and recover a seed phrase is the hardware wallet itself.

MORE ON BITCOIN SEED PHRASES AND PRIVATE KEYS

A seed phrase is a collection of 12 or 24 human-readable words used to generate bitcoin private keys for a wallet. The seed phrase, also known as the recovery phrase or backup phrase, contains all of the information needed to access, spend and recover bitcoin funds. For this reason, the seed phrase has to be kept safe; otherwise, anyone who discovers it can steal the bitcoin.

The private key, which is generated by the seed phrase, is not human readable. It is a secret 256-bit number, usually in hexadecimal format — 64 characters or 32 bytes in the range of zero to nine or A to F.

Modern wallets leverage both seed phrases and private keys to employ Hierarchical Deterministic (HD) Wallets, using BIP32 seeds. HD Wallets allow the wallet to use a single seed phrase to generate a whole sequence of keys, allowing the entire wallet to be restored from that seed.

Source: Ledger Hack Victims Are Receiving fake Hardware Wallets – Fintechs.fi

Comments

Alex 2 year ago
Nicely well-written article. It was an awesome article to read. Complete rich content and fully informative crypto lebanon
Oh ya 3 year ago
If you are going to have a fake money that is not backed by anything, has no assets, produces nothing and is not even a currency you can hold in your hand then a fake wallet is all you need

Newsletter

Related Articles

Arab Press
0:00
0:00
Close
China Criticizes US for Vetoing UN Ceasefire Resolution in Gaza
Saudi Arabia ranks first in UN index for e-government services in MENA
Israel Records 20% Drop In GDP, War In Gaza Is The Reason
Saudi Arabia's FDI Inflows Grow with New International Standards
Venture Capitals Power Up Across MENA Region
PM Modi Announces Opening Of New CBSE Office In Dubai
January Funding for MENA Startups Totals $86.5 Million
Saudi Arabia accelerates digital economy growth through Nvidia partnership
Israel unveils tunnels underneath Gaza City headquarters of UN agency for Palestinian refugees
Israel deploys new military AI in Gaza war
Egypt threatens to suspend key peace treaty if Israel pushes into Gaza border town, officials say
Saudi Arabia Warns Of A "Humanitarian Catastrophe" If Israel Moves On Rafah
US University To Shut Qatar Campus Due To "Heightened Mideast Instability"
Facebook and Instagram Ban Iran's Supreme Leader
Defense Technology Showcase Held in Riyadh
Saudi Arabia’s non-oil exports rise 2.5% to $6bn in November 2023: GASTAT
Rolls-Royce Executive Encourages Saudi Women to Tap into Their Inner 'Superhero' for Success in Defense Industry
Saudi Arabia launches National Academy of Vehicles and Cars
Saudi Tourism Minister Reveals Plan for 250,000 New Hotel Rooms by 2030
SAR to more than double eastern network passenger capacity with new trains deal
Saudi Arabia Enhances National Defense with New Partnerships
Saudi Aramco Maintains Arab Light Crude Pricing to Asia for March
NEOM Establishes New York Office to Support Investors
Saudi Wealth Fund Draws in Over $25 Billion Worth of Investments in Three Years, Al-Rumayyan Reveals
The Saudi Kingdom's Ultimatum to Israel: A Win-Win Peace with Saudi Arabia and the Arab World, or a Lose-Lose Continued Occupation and Endless Conflict
Biden condemns anti-Arab hate after WSJ opinion piece calls Dearborn ‘jihad capital’
Turkey Releases Seven Hostages Captured by Pro-Gaza Gunman
Arab Parliament Commends Women's Contributions to Societal Development
British and Hungarian Foreign Ministers visited Lebanese leaders to stress the importance of enacting UN Resolution 1701
Yemen's Houthis Say They Targeted British Merchant Vessel In Red Sea
Donald Trump Nominated for Nobel Peace Prize for 'Historic' Middle East Policy
US lawmakers approve F-16 jet sale to Turkey following NATO expansion support
Saudi Arabia Climbs 25 Places in World Bank's National Statistics Indicator
Tourism Growth in Saudi Arabia Fuels Advancements in the Hospitality Industry," Says Rotana Official
Houthi Rebels Request Departure of UN Staff from Yemen, Including US and UK Personnel, within a Month
Modi Inaugurates Hindu Temple on Site of Demolished Mosque in India
Over 25,000 Deaths in Gaza Amid Israeli Offensive
Escalating Clashes in Gaza as Israel Distributes Leaflets to Assist in Locating Hostages
Turkey's First Astronaut Set to Launch for International Space Station Today
Head of Palestinian Investment Fund Warns More People May Die of Hunger Than War in Gaza
Palestinian Envoy Criticizes UK for Alleged 'Double Standards' in Policies Toward Israel
Morocco to Lead UN Human Rights Council in 2024
Is artificial intelligence the solution to cyber security threats?
Egypt has been identified as the leading military force among Arab nations and ranks 15th globally
The AI Revolution in the Workforce: CEOs at Davos Predict Major Job Cuts in 2024
Iranian Nobel Laureate Narges Mohammadi Receives Additional Prison Sentence
"Gazans Urge Israeli Forces to Target Hamas in Leaked Audio"
Biden States US and UK Airstrikes on Houthis Were a 'Defensive Action
Large Pro-Palestine Rally in London as Gaza Conflict Hits Day 100
South Africa Urges World Court to Halt Israeli Actions in Gaza
×