A sophisticated phishing campaign is targeting Ledger users by impersonating the hardware wallet provider.
Ledger cautioned its users to refrain from sharing seed phrases via email or any other means. In Virginia, a man was found guilty of funding ISIS with cryptocurrency, and in Nigeria, authorities dismantled a crypto romance fraud operation that was associated with Chinese organized crime groups. In the interim, the United States and the United Arab Emirates implemented sanctions against individuals and entities that were associated with North Korea’s crypto laundering network.
Phishing fraudsters are attempting to capture the wallet keys of Ledger users by impersonating the crypto hardware wallet provider’s support emails. Fraudulent emails assert that Ledger has been the victim of a “recent data compromise” and urge recipients to authenticate their private seed phrases in order to “protect” their assets. Ledger’s official support address appears to be the source of the emails, but they are actually sent through an email marketing platform, as indicated by a BleepingComputer report from December 17 and images that were shared on X.
Users are directed to a website that bears the Ledger brand and requests that they “verify your Ledger” in these emails. The website appears to be genuine. Upon entering the website, a notification prompts users to input their seed phrases. These phrases are a critical combination of terms that provides complete authority over a wallet. Scammers are able to syphon funds by possessing these phrases.
In response to users who expressed concern on X, Ledger clarified that the company will never request a 24-word recovery phrase via email, direct message, or phone call. They also advised users to regard such requests as hoaxes. It remains uncertain whether any Ledger users have been the victims of this particular phishing attack.
This incident occurred subsequent to a report on December 13th that a Ledger user had lost $2.5 million in non-fungible tokens and Bitcoin. Ledger and other blockchain security firms contend that the loss was the result of a phishing scheme that started in February 2022, despite the user’s assertion that they had never shared their seed phrase online. However, the funds were only recently stolen.
Ledger encountered additional security challenges throughout the years, such as a connector library codebase compromise in December 2023. This is an instrument that simplifies user access to decentralized finance applications. This compromise facilitated the theft of $484,000 from victims by an assailant.
As online transactions increase, security experts caution that phishing schemes are likely to increase during the holiday season. Meta also cautioned users about fraudulent marketing campaigns that target holiday consumers, such as counterfeit retail coupons, fraudulent decoration sales, and fake gift promotions. Nevertheless, there was a 53% decrease in phishing losses in the cryptocurrency sector from month to month in November.
Phishing attacks are not the conclusion of crypto offences. A federal jury found Mohammed Azharuddin Chhipa, a 35-year-old resident of Springfield, Virginia, guilty of contributing cryptocurrency to the terrorist organization ISIS.
Between October 2019 and October 2022, the United States Department of Justice (DOJ) disclosed that Chhipa transferred $185,000 in cryptocurrency to ISIS members in Syria. The evidence presented in court demonstrated that these funds were utilized to provide support to ISIS in a variety of ways, such as financing the escape of female ISIS members from prison camps and providing assistance to ISIS combatants.
