Popular hardware cryptocurrency wallet Ledger is the latest target of a new wave of phishing scams after perpetrators spoofed official-looking emails to trick victims into revealing their recovery phrases.
These attacks exploit concerns about security and the upcoming holiday season’s surge in online transactions, highlighting the ongoing risks facing crypto investors.
Exploiters Spoof Ledger Emails
Technology news and computer help website Bleeping Computer reported that phishing campaigns begin with emails designed to look like official Ledger communications.
“A new Ledger phishing campaign is underway that pretends to be a data breach notification. It asks you to verify your recovery phrase, which is then stolen and used to steal your cryptocurrency,” an excerpt in the report read.
The emails carry the subject line “Security Alert: Data Breach May Expose Your Recovery Phrase.” Sent through the SendGrid email-marketing platform, the messages falsely claim that Ledger has suffered a recent data breach that may have exposed recovery phrases, and they urge recipients to verify their phrases using a “secure verification tool.”
Per the report, the emails direct users to a convincing Ledger-branded website hosted on Amazon Web Services. The website then redirects to a domain — ledger-recovery[.]info — registered on December 15, 2024. The site mimics Ledger’s legitimate platform, complete with a prompt to perform a “security check” by entering the wallet’s recovery phrase.
This prompt is highly deceptive. It validates entered words against a list of 2,048 recognized terms used in recovery phrases. Regardless of the input, the site claims the phrase is invalid, encouraging users to re-enter their details and ensuring the scammers collect accurate data.
Armed with this information, attackers gain full control over victims’ wallets. This allows them to drain cryptocurrency holdings and steal other digital assets.
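The indicators described above (a Ledger-branded sender that is not on Ledger's own domain, links to third-party hosting, and a request to enter the recovery phrase) can be checked mechanically in a mail triage step. The following Python check is an added example, not code from Ledger or from the Bleeping Computer report; it assumes ledger.com is the only official domain, and the sample messages and `.example` hosts are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: ledger.com is the only domain treated as official in this check.
OFFICIAL = ("ledger.com",)
SEED = re.compile(r"(recovery|seed)\s+phrase|24[- ]word", re.I)
ACTION = re.compile(r"\b(verify|validate|enter|confirm)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def is_official(host):
    """True only for the official domain or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in OFFICIAL)

def triage(raw):
    """Return the list of phishing indicators found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    body = "\n".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    text = msg.get("Subject", "") + "\n" + body
    findings = []
    if "ledger" in (display + " " + text).lower():
        if not is_official(addr.rpartition("@")[2]):
            findings.append("brand-sender-mismatch")
        hosts = {urlparse(u).hostname for u in URL.findall(body)}
        off = sorted(h for h in hosts if h and not is_official(h))
        if off:
            findings.append("off-domain-links:" + ",".join(off))
    # The vendor never asks for the phrase, so a request to type it in is the key signal.
    if SEED.search(text) and ACTION.search(text):
        findings.append("asks-for-recovery-phrase")
    return findings

# Constructed samples (.example hosts are placeholders, not campaign infrastructure).
PHISH = """From: Ledger <alerts@mailer.example>
Subject: Security Alert: Data Breach May Expose Your Recovery Phrase

Verify your recovery phrase with our secure verification tool:
https://ledger-check.storage.example/index.html
"""
LEGIT = """From: Ledger <news@ledger.com>
Subject: Product update

Ledger will never ask for your 24-word recovery phrase.
Read more at https://www.ledger.com/academy
"""

if __name__ == "__main__":
    for name, raw in (("phish", PHISH), ("legit", LEGIT)):
        print(name, triage(raw))
```

The suffix check in `is_official` requires a leading dot, so a lookalike host that merely ends in the brand name is still reported as off-domain.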
Ledger’s Response after a History of Exploitation
Ledger did not confirm or deny the existence of any new data breaches. Nevertheless, in a statement on X (formerly Twitter), the company reiterated its longstanding advice.
“Ledger will never call, DM, or ask for your 24-word recovery phrase. If someone does, it’s a scam,” the statement read.
The company also addressed concerns raised by users who reported receiving such emails. While acknowledging that phishing scams are an unfortunate part of the digital space, Ledger emphasized the importance of maintaining proper security hygiene.
Meanwhile, Ledger users have been frequent targets of phishing campaigns, particularly after a 2020 data breach exposed sensitive customer information. While the breach did not compromise wallets directly, the stolen data has been used to orchestrate highly personalized phishing attempts.
In December 2023, the company faced another security issue when its connector library was compromised, leading to $484,000 in losses. These recurring incidents reflect scammers’ persistent efforts to exploit Ledger’s popularity and users’ trust in the brand.
“For a company, we’re all forced to trust for custody of our assets, this is not a good look,” one user remarked.
The holiday season typically sees a spike in online activity, creating a fertile environment for phishing scams. Security analysts warn that crypto-related fraud is likely to escalate as scammers seek to capitalize on increased transactions and the general distraction of the holidays.
“The holiday season means more online shopping. And that’s why it’s a scammer’s favorite time of year,” one user on X shared.
Crypto scams have seen fluctuating success in recent months. Losses from phishing schemes fell by 53% in November 2024, totaling $9.3 million. However, this latest campaign suggests that scammers are redoubling their efforts.
Crypto investors should take every measure to secure their wallets, recognizing that the responsibility for safeguarding digital assets ultimately lies with the individual.
Source: https://beincrypto.com/ledger-users-targeted-in-phishing-scam/