Bitcoin wallet provider Ledger got compromised again by a malicious phishing attack as some users received emails with software that led to a loss of funds so let’s read more in today’s crypto news.
The hack could have resulted from the company’s user breach data back in July this year. The wallet provider Ledger warned its users to stay vigilant and verify the incoming requests. The famed hardware wallet manufacturer Ledger, suffered a phishing attack and some believe that it was connected to the leak of the company’s customer data from July 2020.
🚨 SCAM ALERT 🚨
According to our information, some scammers are getting in touch with Ledger users through text messages and emails.
Never give the 24 words of your recovery seed. Ledger will never ask for them.
— Ledger (@Ledger) October 19, 2020
There were a few reports mentioning a phishing email which some Ledger users received. The notice warned users of security breach on October 24 which put the users’ crypto assets at risk. Victims of the malicious emails were then urged to click on the link and visit it in order to update firmware on their devices. The link took users to a phishing website with the io. domain extension instead of the authentic .com domain. The malware hosted a fraudulent site which gave the hackers access to the users’ private keys and allow them to steal all of their crypto.
At the time of writing, the phishing website is down so Ledger was quick to react to the attack and sent customers a warning message about phishing attempts and making a website statement. Ledger’s case highlighted the vulnerabilities of centralized setups for unencrypted data storage. The echoes of the single attack could continue to surface further as scammers are able to reuse customers’ data like email addresses, names and phone numbers. This is valuable lesson that the users can take away from this which is remembering the famous crypto saying “don’t trust, verify” once they receive a request asking for sensitive info.
As reported previously in our news, Ledger failed to fully fix the major vulnerability which allows for a “BTC fork” attack as the recent report concluded that Ledger App failed to fix the major vulnerability that allows a Bitcoin fork attack. Mo Nokhbeh claimed that Ledger’s wallet failed to isolate the responsible apps that granted authorization of the transaction of different assets. This creates the vulnerability where a users’ wallet can be fooled into authorizing a transaction for less valuable assets like Bitcoin Cash, Litecoin or any other BTC fork where in reality, a Bitcoin transaction is being released.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post