Cryptoverse Warns: Protect Your Bitcoin From Fake Ledger Apps
A number of people on social media sites have been reporting receiving or knowing people who have received phishing emails, pretending to be from France-based major hardware wallet manufacturer Ledger and attempting to steal people's crypto. Some have reportedly lost all bitcoin (BTC) held in their wallets.
As reported, Ledger announced this summer that it had suffered a data breach, with a “third party” accessing at least 1 million of its users’ contact details. Scammers seem to continue to utilize the gathered information for their own financial gains, alerting users of imminent danger to their crypto, directing them to a fake application, a Ledger clone, and attempting to get their seed phrase.
Redditor 'bsteinfeld' said that they got an email stating it's from Ledger and informing them of a data breach that affected confidential information of some 115,000 customers. The email instructed the user to install the latest version of Ledger Live, after which they reportedly put their recovery phrase into a fake desktop app and losing their money.
Magic Internet Money Podcast host Brad Mills tweeted of a Bitcoiner who reportedly lost his entire USD 50,000 life savings through this scam. "Being your own bank means being ever-vigilant against social engineering hacks," he said.
Bitcoin developer Matt Odell also posted of a person who "lost everything. Complete devastation" due to these "convincing" scammers who are "raking it in."
The commenters are arguing that a person can't lose the entirety of their wallet content just by downloading a fake version of Ledger, but can do so if they transfer the whole content with the scammer redirecting it to another address, or, what they find more likely, if the user entered their seed into a network-connected computer and gave their real seed to the fake app.
The commenters are also saying that, despite the scammers putting in the effort to make it legit, the circulating email has quite a few red flags, such as incorrect dates or saying Ledger holds public keys. They're warning the Cryptoverse to "stay vigilant."
On their part, Ledger has warned users that they wouldn't ask for recovery phases or assets to be sent. Many, however, think this is not enough.
Cryptonews.com has contacted Ledger for comment.
Personal Data Leaks In Crypto Are Inevitable, Here’s What Can Be Done
Discovered Vulnerability Made Ledger to Choose Between 'Security and Usability'