Ledger users receive fake cryptocurrency wallet sent by hackers

A year ago, a data breach was reported at Ledger that reportedly compromised the information of this cryptocurrency wallet's users, and to date many aspects of the incident have been ignored.

However, a contributor to the r/Ledgerwallet forum on Reddit, identified as u/jjrand, who claims to be one of the affected users, posted some images of what appears to be a fake Ledger Nano X wallet received in the mail.

The device arrived wrapped in seemingly authentic packaging, although the user who received it reported detecting some signs that this could be a scam. In addition, the package included a poorly drafted letter allegedly signed by Pascal Gauthier, Ledger’s CEO. The letter, written in English, states that the company sent a new device to some users for security reasons. The package also included a manual for learning how to use this new hardware wallet.

In this regard, cybersecurity specialist Mike Grover believes that the user did the right thing by distrusting the package received: “That device appears to be simply a USB drive that some hacking group tries to pass off as a legitimate Ledger device in order to inject some variant of malware into the systems of the affected user.”

The goal of the actors behind this campaign seems to be the theft of the information needed to access the target user’s cryptographic resources.

This information reached the company, which also released a statement about this suspicious device: “The guide included with this device asked the user to connect it to a computer and enter their security keys into Ledger Live. This is fraudulent activity not linked to Ledger, so we ask you not to share private information and preferably not to connect this device to a computer.”

While the warning is included as part of the list of phishing campaigns identified by Ledger, it’s unclear whether the company has communicated directly with users, especially those whose details were compromised during the incident reported a year ago.

Over time, other fraudulent campaigns stemming from Ledger’s data breach have been detected, such as an ambitious phishing campaign that reached virtually all of the company’s users, who received a seemingly legitimate message with which threat actors sought to steal access to their cryptocurrency wallets.
