
Fraudulent Ledger devices are being sent to users

Users of Ledger hardware wallets have received new devices in the mail, supposedly to protect them from the consequences of a leak that occurred in the summer of 2020. In fact, the “wallets” have been modified by hackers and are designed to steal cryptocurrencies. This was reported by a member of the dedicated community on Reddit under the nickname jjrand.

The device comes in authentic-looking packaging and looks like a Ledger Nano X. The package contains a letter full of grammatical and spelling errors. In it, unknown persons writing on behalf of the company said that the “wallet” was sent to replace the existing one and is designed to ensure the safety of customers.

Data: Reddit.

 

“We have changed the structure of our device. We now guarantee that such a violation will never happen again. You must switch to a new device,” the letter says.

 

Users compared the printed circuit boards of the original device and the one received in the package. The difference is visible in the photographs:

Front of the fake Ledger hardware wallet. Data: Reddit.

Front of the original Ledger hardware wallet. Data: Ledger.

Security researcher Mike Grover, after reviewing the photographs, concluded that the attackers had added USB flash drive components to the device.

 

“It looks like it’s just a USB stick attached to a Ledger with the intention of delivering some kind of malware. All components are on the other side, so I cannot confirm that the device only works as a storage device. But judging by the soldering, it’s probably just a mini-flash drive without a case,” he said.

 

Grover added that the flash drive implant has four wires connected to similar pins on the Ledger’s USB port.

Back of the fake Ledger hardware wallet. Data: Reddit.

Back of the original Ledger hardware wallet. Data: Ledger.

The device comes with a setup manual. The user is prompted to connect the “Ledger” to their computer and run the supplied application. The program then asks for the Ledger recovery phrase, supposedly to import the wallet to the new device.

If the user enters this information, the attackers gain access to the wallet and can steal the cryptocurrencies in it.

Ledger said they were aware of this scam and had already warned users about it in May.

The company once again asked customers to use only software from the official website Ledger.com and never to share the wallet's recovery phrase with anyone.

The data breach affecting one million Ledger users occurred on June 25, 2020. An unknown party gained access to users' email addresses, names and phone numbers.

At the end of October, a user under the nickname Polaris posted the database on the exploit.in hacker forum. The user hyperdrill bought it for 5 BTC.

On December 21, this data was made publicly available through the Raidforums forum, where anyone could download it.

In early 2021, the owners of Ledger Nano wallets began to receive threats from unknown persons demanding a ransom of 0.3 BTC or 10 ETH. The letters included the victim’s full name and address, as well as physical threats if conditions were not met within 24 hours.

Ledger developers have announced a 10 BTC reward for helping to find cybercriminals.

In April, the law firm Roche Freedman filed a class action lawsuit in a San Francisco court against Ledger and Shopify. The firm estimated the damage from the leak at more than $5 million.
