Sunday, November 29, 2020

‘Convincing’ Phishing Attack Targets Ledger Hardware Wallet Users

Must Read

Guggenheim Partners prepares to dip investment fund’s toes into Bitcoin

An SEC filing on Friday indicates that the next Wall Street institution to take a public position in Bitcoin may also be among the...

HUGE Altcoin Potential: Ethereum (ETH), Quant (QNT), TomoChain (TOMO), Kava.io (KAVA)

Bitcoin is still fighting to reach an new all time high. So in the meantime, let's examine some of the altcoin projects that will...

Bitcoin carnage, Eth2 milestone, Libra launch, PayPal blunder: Hodler’s Digest, Nov. 21–27

Coming every Saturday, Hodler’s Digest will help you track every single important news story that happened this week. The best (and worst) quotes, adoption...

Bitcoin relief rally is underway — Can BTC price reclaim $18K?

Bitcoin (BTC) price dropped severely in the previous week, falling from $19,500 to $16,000. Corrections never occur smoothly as dropdowns are frequently sudden and...

Customers of Ledger, the hardware cryptocurrency wallet, are being targeted by a phishing attack posing as an email from Ledger support. 

The fake email ostensibly informs users their Ledger assets may be compromised. It states, “Our forensics team has found several of the Ledger Live administrative servers to be infected with malware.” This claim is false; while the email form looks professional, it is a phishing attempt to steal customers data. 

The email is so convincing that even wary users might be fooled. Ledger confirmed that, for the last week, a phishing attack has been targeting Ledger cryptocurrency wallet customers. 

“I received the same email and for once I got really confused. Everything checks out,” said one Reddit user in reply to the original post. “However, there you can see that the url is incorrect (notice the dot on the second ‘e’ => ledgėr). What triggered my doubt was that I received the email twice within a couple of minutes. … It’s probably related to the previous hack where a hacker managed to get our email addresses.”

Another user replied, “Wow this looked really legit, so much so I used Contact Us form to ask Ledger if it was real. I am normally pretty good at sniffing things like this out – this was by far the most convincing attempt I have ever seen.”

In July, the Ledger team discovered an API key related to their e-commerce and marketing database was exploited, and the database accessed by an unauthorized third party. The database details (mostly email addresses) were used to send order confirmations and promotional emails. 

CoinDesk independently reviewed one of these phishing emails, which was sent from “support@legder.com.” A key clue in any phishing email is a slight misspelling of a real address or URL; in this instance, “ledger.com” is misspelled. 

Phishing attacks are common and attackers are increasingly sophisticated, creating emails that resemble official company correspondence. They rely on a person making a mistake and clicking on a link that could compromise his or her security. 

In a statement, a Ledger spokesperson said an internal task force has been deployed to investigate the latest phishing attack. 

“The investigation is ongoing and at this time we cannot give any additional information but one thing is for certain: Ledger will never ask you for your 24-word recovery phrase, which is a blatant sign of a phishing scam,” said the spokesperson. “Ledger encourages customers to exercise caution as phishing attacks become more sophisticated and to alert Ledger’s customer support team and consult Ledger.com for more information on the detection of scams.”