The user received a letter, purportedly from Ledger, that contained misspellings. One expert says the soldering inside the device was done by a novice.

A user of Ledger, a company that makes cold wallets for bitcoin (BTC), was the target of an amateur scam attempt: he received in the mail a package that appeared to contain a Ledger Nano X wallet, although the device was a fake.

The alert was raised by Reddit user Jjrand, who received in the mail what appeared to be a cold wallet, along with a letter and a set of alleged instructions, although he said he had not asked the company for a new device.

The letter, which contained some obvious misspellings, was allegedly signed by Ledger CEO Pascal Gauthier. Among other things, it explained in detail that, for security reasons, the user should switch to the new device to stay safe, referring to the data theft in 2020.

In the fake document, the victim can read: “For this reason, we have changed the complete archetype of our device. We now guarantee that this kind of breach will never happen again.”

Inside the package, the victim also found a supposed manual for setting up the fake device, which asks users to enter their recovery phrase to connect their bitcoin wallet to the suspicious new hardware.

This is where the criminals would strike: the recovery phrase would be sent to the attackers, who would use it to import the victim’s wallet on their own devices and steal the funds it currently holds.

The scammers would be taking advantage of the data stolen in the hack of Ledger’s marketing department in July 2020, when a million email addresses and some personal documents of its users were leaked.

That data lets them deceive people through false claims. For cases like the one reported by Jjrand, Ledger explains on its Twitter account that it has never asked, and will never ask, its users for the 24-word recovery phrase or PIN.

An Expert’s View

The specialized outlet BleepingComputer recently published the analysis made by Mike Grover, a security researcher and expert on offensive USB implants and cables.

From the images released by Jjrand, the specialist determined that the “device” is a flash drive connected to a Ledger device to serve as a bridge for some kind of malware delivery.

An Unusual Theft of Bitcoin from Ledger Wallet

Attacks on Ledger users have become very common, although most of them never achieve their goals. For example, last February, CriptoNoticias reported an unusual theft of bitcoins.

In that case, the victim was a Spanish investor who, when he went to check the balance of his portfolio, found two unauthorized transactions and a fund balance of almost 0. There were no signs of the modus operandi the attacker used to steal the BTC.

By: Jenson Nuñez
