Search ForexCrunch
  • Ledger users receive scam emails impersonating the cryptocurrency wallet developer.
  • The company confirmed the phishing attack and urged users to be cautious.

Some users of the hardware cryptocurrency wallet fell victim to the email phishing attack.  According to numerous reports on Twitter, people receive emails impersonating the cryptocurrency wallet manufacturer. 

The hackers refer to the security breach that allegedly happened on October 25 and affected 86,000 email addresses. They claim that users’ assets are in danger due to the hack attack. To avoid losing the coins, the wallet owners are prompted to install the latest version of Ledger Live via the link embedded in the email and reset their PINs. 

The fake letters copy Ledger’s styles and communication and look very convincing. However, the sender address contains a mistake – instead of – that betrays the scam.  Apart from that, hovering over the link reveals a dodgy URL, which will download malicious software once you click on it. 

Second scam attempt in a row

Notably, this is the second impersonating scam that involves Ledger. On October 19, the hackers contacted the wallet users asking to provide their seed phrases.  

The company officially confirmed the issue and said that they were investigating the incident. However, the scope of the attack has not been disclosed. Also, the  Ledger urge users never to tell their mnemonic phrase to anyone and be on the alert if someone requires this information. 

The blame goes to Ledger

The company did not explain how the attackers got the email addresses of  Ledger users. Still, the community members believe that the leak happened on the side of the wallet provider.

Thus, a Twitter user Andreas Tasch noted that he used the email exclusively for shopping Ledger, meaning that it could not be leaked somewhere else. He also pointed out that the company failed to notify him that his email address was compromised.

Notably, Ledger confirmed the data breach at the end of June, saying that their marketing database was hacked. The cybercriminals found a vulnerability in the API interface and stole about 1 million email addresses. However, the company stated that all affected users were duly informed of the incident.