Attackers began to use a new scheme for theft of cryptocurrencies-they send paper letters to users of Ledger’s hardware wallets in an attempt to take possession of sid frazes for complete access to crypto actes.

The scammers send letters by mail to Ledger users using the official logo and company address. Fraudsters pretend to be security specialists, demanding from the recipients of letters to scan a QR code and introduce a recovery phrase consisting of 24 words, performing the validation of the device. Attackers intimidate that the passage of this “test” is mandatory, since it is needed to criticize security. Failure to fulfill the procedure can lead to restriction of access to the hardware and the funds stored there, the letter says.

This information was first published by the X user Jacob Canfield, sharing photos of letters. He urged subscribers to be careful and asked to warn all friends who use Ledger devices. The Ledger team responded to Kinfield’s tweet, confirming that the company did not send such letters. This is a typical phishing scheme, when victims voluntarily provide access to their cryptocurrency wallets, only earlier scammers sent emails.

Attackers could take advantage of the data leak from Ledger, which occurred in 2020. The Ledger marketing database was compromised due to an incorrectly-minded third-party API, as a result of which about 270,000 Ledger customers were published. Their names, email addresses, phone numbers and physical mailing addresses appeared on the Internet.

Recently, fraudsters tried to steal the sid fraza from customers of the Gemini cryptocurrency, trying to convince them of bankruptcy of the exchange. To “protect funds”, users were sent phishing links, after the transition to which users usually leave their personal data and lose cryptoactives.