— Ending TheFed 🇩🇴 (@ThefedEnding) January 22, 2021
According to several Twitter users, attackers on behalf of the Exodus administration said that on January 18, several of the company’s servers were allegedly infected with malware, which affected the data of nearly 94,000 customers. To protect their assets, users were asked to update their wallet seed and PIN.
The recipients of the newsletter noted that the letters come from wallet providers they have never used, and the text of the letters is identical to that used in the phishing campaign associated with Ledger.
Since the #Ledgerhack I receive also phishing e-mails referring to wallet providers I´ve never used or signed up, f.e. @exodus_io . It is the same text as in the phishing e-mails related to @Ledger pic.twitter.com/4rJn8eNjL8
— Hagbard (@_hundredeyes) January 21, 2021
Recall that on June 25, 2020, the data of over a million Ledger users leaked to the Network. An unknown party gained access to email addresses, names, phone numbers of users, as well as information about purchased company products and shipping addresses.
At the end of October, a user under the nickname Polaris posted the database on the exploit.in hacker forum. User hyperdrill bought data for 5 BTC.
On December 21, user data was made publicly available through the Raidforums forum, where anyone could download it.
Last week, Ledger Nano wallet owners started receiving threats from unknown attackers demanding a ransom of 0.3 BTC or 10 ETH. The letters included the victim’s full name and address, as well as physical threats if conditions were not met within 24 hours.
This is my actual home address in the email.
I don’t even know what to say, but @Ledger you absolutely useless waste of space.
– Saleh Ahmed Ⓥ (@SalehAhmedd_) January 14, 2021
The threats began the day after Ledger announced that approximately 20,000 additional users had leaked through e-commerce provider Shopify, blaming the platform’s support team for that.
The Ledger developers have announced a 10 BTC reward for helping to find cybercriminals responsible for a series of attacks and data breaches.