London Daily

Focus on the big picture.
Thursday, Jul 03, 2025

Ledger Hack Victims Are Receiving fake Crypto Hardware Wallets

Ledger Hack Victims Are Receiving fake Crypto Hardware Wallets

A new hack is claiming victims following the the Ledger data breach of July 2020. The new scam involves sending convincing but fake hardware wallets to victims.

Bitcoin Magazine’s pseudonymous author ‘Namcios’ covered the recent scam, detailing how it was done step by step and the victims lured in. Here’s the story:

Victims of a hack of customer data held by bitcoin hardware wallet provider Ledger, which happened almost a year ago, are still apparently being targeted by scammers. Over 1 million victims of the hack had their details exposed, including their names, phone numbers and email addresses. And more than 200,000 people also had their home addresses breached.

Now, some of the victims appear to be receiving counterfeit hardware wallets through the mail. And a recent Reddit post indicates that the new scam attempt is quite sophisticated.

Reddit user u/jjrand, who self-identified as one of the victims of last year’s Ledger data breach, shared that they received a package that appeared to be from Ledger in the mail, even though they hadn’t ordered one. Although the device was wrapped in seemingly authentic packaging, the user could spot some telltale signs that hinted that it was a fake. The package also included a letter, supposedly from Ledger CEO Pascal Gauthier, though it was poorly written and filled with grammatical and spelling errors.

“As you know, Ledger was targeted by a cyberattack that led to a data breach in July 2020,” read the fake letter. “For this reason for security purposes, we have sent you a new device you must switch to a new device to stay safe. There is a manual inside your new box you can read that to learn how to set up your new device. For this reason, we have changed our device structure. We now guarantee that this kinda breach will never happen again.”

Also in the package was a Ledger Nano X box that seemingly contained a legitimate device. However, the Reddit user became suspicious and opened it, sharing pictures demonstrating that the machine was likely tampered with.

Security researcher Mike Grover analyzed the photos and explained to BleepingComputer how the attackers probably carried out their actions.

“This seems to be a simple flash drive strapped on to the Ledger with the purpose to be for some sort of malware delivery,” Grover told BleepingComputer in a chat about the photos. “All of the components are on the other side, so I can’t confirm if it is JUST a storage device, but…. judging by the very novice soldering work, it’s probably just an off-the-shelf mini flash drive removed from its casing.”

Grove also explained that “those four wires piggyback the same connections for the USB port of the Ledger.”

Previously, the attackers had sent out phishing emails to victims, prompting them to type in their recovery seeds — the 12 or 24 words used to derive one’s private keys, giving anyone who possesses it complete control of the victim’s funds. By tampering with the device, the attackers likely hoped to get their target to type their recovery words into the fake application, which would allow the bad actors to take control of the victim’s funds.

Therefore, this attack is severe since it could cause a victim to lose all of their funds. Ledger is already aware of this scam and warned users in a post in May.

“The fake user guide in the Nano’s box asks the user to connect the device to a computer,” the post stated. “To initialize the device, the user is then asked to enter his 24 words in a fake Ledger Live application. This is a scam. Do not connect the device to your computer and never share your 24 words. Ledger will never ask you to share your 24-word recovery phrase.”

It is unclear if Ledger has done any active work to educate its customers who saw their data exposed last year with dedicated emails or warnings, apart from the passive blog posts.

Needless to say, under no circumstance should you type your bitcoin wallet seed phrase on any keyboard, take photos of it or have any internet-connected device know about it. The only safe place to store, write and recover a seed phrase is the hardware wallet itself.

MORE ON BITCOIN SEED PHRASES AND PRIVATE KEYS

A seed phrase is a collection of 12 or 24 human-readable words used to generate bitcoin private keys for a wallet. The seed phrase, also known as the recovery phrase or backup phrase, contains all of the information needed to access, spend and recover bitcoin funds. For this reason, the seed phrase has to be kept safe; otherwise, anyone who discovers it can steal the bitcoin.

The private key, which is generated by the seed phrase, is not human readable. It is a secret 256-bit number, usually in hexadecimal format — 64 characters or 32 bytes in the range of zero to nine or A to F.

Modern wallets leverage both seed phrases and private keys to employ Hierarchical Deterministic (HD) Wallets, using BIP32 seeds. HD Wallets allow the wallet to use a single seed phrase to generate a whole sequence of keys, allowing the entire wallet to be restored from that seed.

Source: Ledger Hack Victims Are Receiving fake Hardware Wallets – Fintechs.fi

Comments

Alex 3 year ago
Nicely well-written article. It was an awesome article to read. Complete rich content and fully informative crypto lebanon
Oh ya 4 year ago
If you are going to have a fake money that is not backed by anything, has no assets, produces nothing and is not even a currency you can hold in your hand then a fake wallet is all you need

Newsletter

Related Articles

0:00
0:00
Close
DJI Launches Heavy-Duty Coaxial Quadcopter with 80 kg Lift Capacity
U.S. Senate Approves Major Legislation Dubbed the 'Big Beautiful Bill'
Largest Healthcare Fraud Takedown in U.S. History Announced by DOJ
Poland Implements Border Checks Amid Growing Migration Tensions
Political Dispute Escalates Between Trump and Musk
Emirates Airline Expands Market Share with New $20 Million Campaign
Amazon Reaches Milestone with Deployment of One Millionth Robot
US Senate Votes to Remove AI Regulation Moratorium from Domestic Policy Bill
Yulia Putintseva Calls for Spectator Ejection at Wimbledon Over Safety Concerns
Jury Deliberations in Diddy Trial Yield Partial Verdict in Serious Criminal Charges
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
King Charles Plans Significant Role for Prince Harry in Coronation
Two Chinese Nationals Arrested for Espionage Activities Against U.S. Navy
Amazon Reaches Major Automation Milestone with Over One Million Robots
Extreme Heat Wave Sweeps Across Europe, Hitting Record Temperatures
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
Robots Compete in Football Tournament in China Amid Injuries
Trump Administration Considers Withdrawal of Funding for Hospitals Providing Gender Treatment to Minors
Texas Enacts Law Allowing Gold and Silver Transactions
China Unveils Miniature Insect-Like Surveillance Drone
OpenAI Secures Multimillion-Dollar AI Contracts with Pentagon, India, and Grab
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Germany Votes to Suspend Family Reunification for Asylum Seekers
Elon Musk Critiques Senate Budget Proposal Over Job Losses and Strategic Risks
Los Angeles Riots ended with Federal Investigations into Funding
Budapest Pride Parade Draws 200,000 Participants Amid Government Ban
Southern Europe Experiences Extreme Heat
Xiaomi's YU7 SUV Launch Garners Record Pre-Orders Amid Market Challenges
Jeff Bezos and Lauren Sanchez's Lavish Wedding in Venice
Russia Launches Largest Air Assault on Ukraine Since Invasion
Education Secretary Announces Overhaul of Complaints System Amid Rising Parental Grievances
Massive Anti-Government Protests Erupt in Belgrade
Trump Ends Trade Talks with Canada Over Digital Services Tax
UK Government Softens Welfare Reform Plans Amid Labour Party Rebellion
Labour Faces Rebellion Over Disability Benefit Reforms Ahead of Key Vote
Jeff Bezos and Lauren Sánchez Host Lavish Wedding in Venice Amid Protests
Trump Asserts Readiness for Further Strikes on Iran Amid Nuclear Tensions
North Korea to Open New Beach Resort to Boost Tourism Economy
UK Labour Party Faces Internal Tensions Over Welfare Reforms
Andrew Cuomo Hints at Potential November Comeback Amid Democratic Primary Results
Curtis Sliwa Champions His Vision for New York City Amid Rising Crime Concerns
Federal Reserve Proposes Changes to Capital Rule Affecting Major Banks
EU TO HUNGARY: LET THEM PRIDE OR PREP FOR SHADE. ORBÁN TO EU: STAY IN YOUR LANE AND FIX YOUR OWN MESS.
Trump Escalates Criticism of Media Over Iran Strike Coverage
Trump Announces Upcoming US-Iran Meeting Amid Controversial Airstrikes
Trump Moves to Reshape Middle East Following Israel-Iran Conflict
Big Four Accounting Firms Fined in Exam Cheating Scandal
NATO Members Agree to 5% Defense Spending Target by 2035
Australia's Star Casino Secures $195 Million Rescue Package Amid Challenges
UK to Enhance Nuclear Capabilities with Acquisition of F-35A Fighter Jets
×