Alert: Crypto Thieves Impersonate Ledger in Sophisticated Wallet-Draining Scam

Alert: Crypto Thieves Impersonate Ledger in Sophisticated Wallet-Draining Scam

Ledger Users Targeted by Sophisticated Phishing Campaign

A new phishing campaign targeting Ledger cryptocurrency wallet users is currently active, masquerading as a data breach notification to steal recovery phrases and cryptocurrency assets.

The Attack Method:
– Fraudulent emails claim to be from “Ledger [email protected]
– Emails warn of an alleged data breach affecting recovery phrases
– Users are directed to a fake verification page hosted on Amazon AWS
– The phishing site redirects to “ledger-recovery[.]info”
– Victims are prompted to enter their 12, 18, or 24-word recovery phrases

Technical Details:
– The phishing site validates entered words against legitimate recovery phrase vocabulary
– Entered phrases are transmitted to attackers’ servers in real-time
– The site deliberately returns “invalid phrase” messages to encourage multiple attempts

Security Recommendations:
1. Never enter recovery phrases on any website or application
2. Only input recovery phrases directly into Ledger hardware devices
3. Manually type ledger.com instead of clicking email links
4. Disregard all emails requesting recovery phrase verification
5. Remember that Ledger never requests recovery phrases via email

This campaign follows a pattern of increased phishing attempts since Ledger’s 2020 data breach, which exposed customer contact information. The current attack demonstrates sophisticated social engineering tactics, highlighting the importance of maintaining strict security practices for cryptocurrency storage.

Share This Article