Bitcoin Forum

This is not necessarily true. Someone could have access to another leaked database that includes your name, and are sending emails to every email in that database.

If your email is in a database for one major crypto company, there is a good chance that you will also receive mail from another major crypto company.

shit inside

You're lying and full of shit

Contact and order details were involved. This is mostly the email address of our customers, approximately 1M addresses. Further to investigating the situation we have also been able to establish that, for a subset of 9500 customers were also exposed, such as first and last name, postal address, phone number or ordered products. Due to the scope of this breach and our commitment to our customers, we have decided to inform all of our customers about this situation.

...

I see deluded Ledger believers are still alive, or maybe you are part of stinky Ledger team?

----

This is mostly the email address of our customers, approximately 1M addresses. Further to investigating the situation we have also been able to establish that, for a subset of 9500 customers were also exposed, such as first and last name, postal address, phone number or ordered products

Those 9500 customers whose detailed personal information are exposed will receive a dedicated email today to share more details.

I will also add that I'm seeking some legal advice to see if I can open a claim against Ledger for the way they've had handled things. First of all, I consider a company that sells hardware wallets should have an above average cybersecurity protocols/development/call it the way you want to call it. It's true that we are human and they can, as any other company can, get hacked and have customer data leaked; but the way they've handled it... that what really bothers me. Once I receive some kind of answer from my advisor, I will either simply update this post, or if there's something that can actually be done, I may create a whole thread just to let affected people know.

Surprise surprise; I've checked back all the emails Ledger sent me around that time, and besides the general email (saying the same that the blog entry says), I did not receive any "dedicated email", but what I have received is a SMS addressing me by the name I provided to the company at the time I made my only purchase to them. This leads me to believe that I was between those alleged 9.500 users, but was never notified.

I will also add that I'm seeking some legal advice to see if I can open a claim against Ledger for the way they've had handled things.

That is worrying. That can mean that they either don't know what was leaked and in what quantities, or they are lying about it so as not to cause further harm to themselves and potentially lose customers.

Another thought. Those official messages that Ledger sent to their users informing them about the security breach, could have been marked as spam by your email client. In that case they would be deleted by now. Hotmail, for example, deletes spam messages after 10 days, but I am not sure if they move them to the trash bin or if they get removed entirely. You say that you checked now, but a lot of time has passed. You don't remember seeing any at the time?  

Surprise surprise; I've checked back all the emails Ledger sent me around that time, and besides the general email (saying the same that the blog entry says), I did not receive any "dedicated email", but what I have received is a SMS addressing me by the name I provided to the company at the time I made my only purchase to them. This leads me to believe that I was between those alleged 9.500 users, but was never notified.

First of all, I consider a company that sells hardware wallets should have an above average cybersecurity protocols/development/call it the way you want to call it. It's true that we are human and they can, as any other company can, get hacked and have customer data leaked; but the way they've handled it... that what really bothers me. Once I receive some kind of answer from my advisor, I will either simply update this post, or if there's something that can actually be done, I may create a whole thread just to let affected people know.

-----

Now, I don't know how I would've handled that if I was Ledger, because I have little to no idea about personal data handling regulations. I know however, that if they claimed to only have 9500 affected users, and I was not between those users but now it turns out I am; there is something that they have not done correctly; and that's exactly what I'm after.

What is the case with me on Gmail (and confirmed by others) that many legitimate Ledger emails end up in a spam folder - did you perhaps check there? Of course now it's probably too late for that, because at least in the case of Gmail such emails are deleted automatically after 30 days.

As for the SMS, can you tell us from which network/country it was sent? Most smartphones have the function of blocking calls and messages from a certain number, maybe the attacker uses the same number so some could block it in advance.

I wish I could; I don't know if it's a feature from my phone or something the sender set up, but the only thing I see in the sender info is "LEDGER". No number, nothing else.

Never received a "personal" notification from Ledger after the original hack... have not received any phishing emails or SMS messages recently (not even to my spam folder).

What I did receive was an email from Ledger with the subject heading "Ledger Security Alert: be cautious with phishing attempts", which (somewhat ironically) went to my spam folder ::) So, kudos to them for at least trying, I guess ::)

Affiliate DB - allegedly leaked.
https://www.reddit.com/r/ledgerwallet/comments/jqiftv/this_is_unbelievable_a_new_ledger_leak_that_was/

Hello,

As soon as we discovered the data breach in July 2020, we patched it.

Since then, we lead two penetration tests with a third party consultancy to verify and improve the security of your data.

We did not encounter a new data breach since July.

As said in another post, two weeks ago, we've been made aware that some of our customers are being targeted by phishing attempts. Some of these customers were not part of the 9,500 individuals for whom we know that data other than email were also exposed, such as first and last name, postal address, phone number or ordered products. In the current state of our knowledge, It is not technically possible to state the exact scope of the leak of this detailed data.

Hope It helps.

I feel for the folks currently getting spammed with scam text message "alerts"... must be alarming receiving a text with your full name claiming you've sent a transaction that you didn't, with a link to a website registered in your local region! :o :o

What can we recommend for newbies that is more secure than a software wallet but still straightforward and easy to use?

I would recommend purchasing hardware wallets with crypto. At least that would prevent having your bank/card details leaked. Shipping it to your place of work instead of to your own home is also not bad. Buying a burner phone or secondary SIM card whose number you would use to pick up the package is also an option.

I have multiple hardware wallets (and some other bitcoin related products) from multiple companies. I purchased all of them using well-mixed bitcoin, with a disposable email address, a fake name, and shipped them to a drop off point where I picked them up from. I have zero concern about my details being leaked - indeed, I haven't even checked to see if the fake name and email I used with Ledger showed up in their breach (I think I could probably still find the log in to the email backed up on an external hard drive somewhere, but I certainly don't remember it having not used it for several years).

However, none of that is newbie friendly.

I also received emails from "Ledger".  I didn't even buy anything and simply asked a few questions using one of my Tutamail accounts via TOR.   Those don't come back to me but sure enough those phishing emails were sent to me there.

So, in the absence of any evidence of a further data breach, it looks like the July data breach was much larger than they initially thought. It is more than a little concerning that they "cannot state the exact scope of the leak of this detailed data". They have no idea what has been breached.

...
We know we fucked up, we try to get it right for you.

At least they finally seem to be starting to "get it"

Some didn't receive that specific email because the logs we have in our possession show that 1M emails leaked plus 9500 more detailed personal info.

Although, I doubt there is realistically much they can do to "get it right" for the affected users. The proverbial horse has bolted, so the data is out there... It's not like Ledger can "undo" this. :-\

Dear client,

Ledger users are under attack and targeted by a phishing scam (here is a link to understand the anatomy of a phishing attack).

Kraken Security Lab has done a great job at describing what’s going on and we appreciate their help in this matter :

https://blog.kraken.com/post/6746/ledger-phishing-scam-targets-crypto-hardware-wallet-users/

Today, we want to let you know that Ledger is fighting hard to defeat the scammers.

But we also want to let you know that we’ll be stronger together.

Help us #StopTheScammers

The two main ideas you should leave with after reading this post are :

    Never share your 24 words with anyone.
    Help us take the scammers websites down.

The best way to stop the scammers is to take their websites down as quickly as possible. Here's how you can help:

    Spread the word: talk to your friends and your communities and let them know that they must never share their 24 words with anyone under any circumstances, Ledger will never ask for their 24 words. No one should ever ask you for your 24 words… It’s something that you must absolutely keep for you.
    If you have received a phishing attempt or if you are aware of an illegal website, like the ones above, please report it to Google Safebrowsing. The more we report these illegal websites to Google, the more difficult it will be for scammers to deceive our Ledger users.
    If you have received a phishing attempt, you can file a complaint with your local criminal authority.

Phishing scams are one of the critical problems in cybercrime. The Ledger community will be better protected if we all work together.

When you find a scam, report it to the community: #StopTheScammers

We understand the stress and uncertainty these phishing attacks may be causing you. We want to assure you that our team is doing everything in our power to stop these attacks.

What is our team doing ?

    Members of our Donjon security team are continuously tracing the scammers' new website URLs, so that we can  share the necessary technical information for the relevant authorities
    Managing and updating an on-going criminal complaint through the French Public Prosecutor to enable the police force to identify and prosecute those responsible.
    Subpoena requests have been sent in the US and in France to obtain from the internet intermediaries and communications operators full disclosure of the identity of the responsible.
    Reaching out to international cyberdefense organizations to bring the case to their knowledge. This is a way to increase the magnitude of this complaint by using these international cyberdefense organizations enormous and transnational capabilities.
    Our brand protection internal and external teams are reporting illegal  websites to abuse contact of the registrars. Within the last few weeks, 87 websites have been reported and 42 shutdowns. Some registrar fail to be reactive which explains why websites are still active despite Ledger notifying them several times following the abuse procedure.
    Communicating with our customers and community, answering thousands of questions and updating users with new information as it is available through our support center, Twitter, Facebook, email, Reddit, etc.

We will be stronger together.

#StopTheScammers

Pascal Gauthier

CEO at Ledger

Now we can only wonder if it is just one hacker who has this database, or the database has already been sold and used by multiple individuals.

Has there been any evidence of the database being sold?

Has there been any evidence of the database being sold?

Having said all that, I also haven't seen a single report on here or on Reddit or a user falling victim to these phishing messages yet. Perhaps Ledger's preemptive emails have worked.

@Lucius
Thanks for posting. It will avoid people here saying Ledger's doing nothing  ::)

https://i.imgur.com/9ykTHqS.png

What you see here is one more stupid Ledger wallet app bug that shows unreal spikes your portfolio at beginning of each month.
Everyone including Ledger developers are aware of this bug for several months and maybe even a year, but they keep ignoring it and delaying fix.
This is how they (not) fix everything in Ledger...  ::)

I am not using Ledger app all the time, but when I need to update I always look at this spikes  :D

Ledger database compromised ?
Before you down-vote me into oblivion please read carefully.

After reading all this security chaos I decided to email ledger about deleting my personal information.(yesterday)
I did not make any purchases or had any type of contact with ledger for over 2 years now and the email I used for previous purchases I used ONLY for ledger.com
I should mention that I was not affected from the previous ledger data leaks.

In anticipation of having a reply from ledger about my personal information, Today i logged in to this email and received so far 2 scam messages.

Which leads me to believe their entire database right now is compromised. I never got a reply from ledger and from what I read around here I should not expect any.

Take care.

Is moving home the only way to feel sort of safe again after Ledger leaked my home address to criminals?
I’m serious, I am worried for my families well being. I look online at home security devices and best legal weapons to keep at home. This hack has screwed with me mentally and I want to be compensated. Is there a lawyer already on the case?

Never got notified of Ledger security breach
I bought a ledger in May. I then got a phishing text Sunday which I knew was a scam, and then an email today from Ledger warning about phishing attacks.

Researching this today I see that this breach occurred months ago and I read their statement about how they were notifying everyone and doing many steps to make their systems more secure.

I was clearly in the batch of the lucky 9,000 (not sure I even trust that number now) who had not just their email but all their contact details leak and yet got notification.

Right now my confidence in ledger is at a zero, considering they couldn’t even handle notifications correctly after a security breach.

Compensation in EU

In EU, the GDPR gives a right to claim compensation from an organisation if you have suffered damage as a result of it breaking data protection law, which includes breaches. This does require the person to have suffered “material damage” (e.g. you have lost money) or “non-material damage” (e.g. you have suffered distress).

I've been getting phishing messages from fake 'Ledger' numbers, using my real name and phone number, so I am assuming that they know my personal address as well and this is a pretty big deal, since now I have to worry that someone can physically rob me, knowing I have a Ledger, which is obviously causing 'non-material damage', e.g. distress.

According to ICO (https://ico.org.uk/your-data-matters/data-protection-and-journalism/taking-your-case-to-court-and-claiming-compensation/), before taking the case into court, you can agree for compensation with the company, and I was wondering if anyone has spoken to Ledger about this yet?

I am genuinely considering going to court with this though, to be honest.

How many people here got that phishing email?  I checked my email and don't see it.  So it affect one percent of the nano ledger users database?

Also in an article it was said that this phishing lead to many users losing their crypto... especially ripple.  Can someone explain this?  So the phishing email tricked users into downloading a fake ledger live or was it some other program?  Then how did users lose their ripple then which i heard was the main coin that was lost here?  Am i assuming those users typed their ledger seed into the software?

Because since nano ledger is a hardware wallet, even if your computer is compromised as in virus/malware/keylogging, doesn't the seed as long as its not typed in the computer somewhere still safe?

It is just a coincidence that users lost XRP. That coin is surely not targeted for some reason.
Yes, users received a link telling them to download a new version of the software. Once installed, it asked users to enter their 24-word seeds. Those who did, sent their seed to the hackers.

Few days ago I also got almost same email.

~snip~

New phishing attempts are being sent out. This time the scammers are claiming that someone tried to log in to your Ledger account from an unknown Ledger Nano hardware wallet. The sign in attempt came from Russia they say. Users are being recommended to cancel device authorization from the account settings. And there is a cancel button that seems to redirect to a google.doc document.

This is how it looks:
https://i.imgur.com/LwRt23i.png 

Thank you Ledger
Since the loss of personal data by Ledger this summer, I have received numerous emails trying to gain access to my ledger.

Couple of days ago, I first got a text claiming a breach of the ledger and an additional link. Which makes it very clear where this data came from... I've seen a post with the same text on this page before.

I would like to take this opportunity to thank the Ledger team for taking good care of the personal data that they receive, especially since they operate in such a sensitive market (finance) and the fact that they informed numerous malicious actors that I have a ledger and probably some crypto, and my email, phone number and possibly home address.

Hey at least I got some sort of apology I guess.

Thank you Ledger.

Hackers are now sending google maps link of your home address! 👀 to scare more people

New phishing attempts are being sent out. This time the scammers are claiming that someone tried to log in to your Ledger account from an unknown Ledger Nano hardware wallet. The sign in attempt came from Russia they say. Users are being recommended to cancel device authorization from the account settings. And there is a cancel button that seems to redirect to a google.doc document.

My hardware wallet has been deactivated and I need to pass KYC, a very helpful text message told me today, addressing me by my full name.

Haven't you heard? New Ledger devices will come with a camera for face ID and a fingerprint scanner for fingerprint ID too!

My hardware wallet has been deactivated and I need to pass KYC, a very helpful text message told me today, addressing me by my full name.

Hello, first time poster but I think this might be relevant.

I first bought a ledger nano s about two years ago and was probably not among the people that had their data leaked this summer as I never received spam/phishing messages (neither by email or sms).

Last week, during black friday I decided to pick up another ledger as backup. I took some precautions such as using an alternative email and old phone number that I barely use.

The info is completely different from the first time a bought a ledger (even the address and payment method was different).

Today, I checked for the shipping tracking on the email used specifically for the purchase. In the spam folder, I notice there was that scammy ledger message ("download the update here"). Obviously, I immediately deleted the message.

If scammers had access to my email, it means that ledger must still be leaking data as they didn't have this specific info 7 days ago.

Can Ledger please confirm this? It would be nice to know if our private data continues to be handled poorly.

You are not the first to claim real time data leaks. This is insane! They are too busy moderating this subreddit of legitimate privacy concerns than to handle shit on their end to make sure these leaks aren't occurring. Wtf do they even use for their e-commerce?? They need to be made aware of this asap as they are equally responsible.

New phishing attempts are being sent out. This time the scammers are claiming that someone tried to log in to your Ledger account from an unknown Ledger Nano hardware wallet. The sign in attempt came from Russia they say. Users are being recommended to cancel device authorization from the account settings. And there is a cancel button that seems to redirect to a google.doc document.
This is how it looks:
https://talkimg.com/images/2023/09/10/mqLna.png

I will do my own testing to confirm this with new temp email.

I created a new email address and I signed up to their affiliate program on the main website. I also signed up to their newsletter. I placed a Ledger device in the shopping cart and entered my email address. I didn't finalize the purchase but the email address was added and TOS accepted, etc. Now I am waiting to see if any phishing mails will arrive.

No phishing emails so far. If nothing arrives in the next week, I can assume there is no ongoing data leak.

That's to be expected.

To be honestly.. if there would be an ongoing leak a.k.a. the attacker still have control over their systems, ledger would have proven to be the worst company in terms of customers data protection.

I really can't imagine that their server are still compromised, that would require some exceptionally bad incident response. Guess that's not impossible tho..

Never received any messages/texts after the initial hack back in July/August etc... until I received the latest "We are sorry to tell you that due to the new KYC regulations, your hardware device has been deactivated." message 2 days ago.

Personally, I think the users saying "I got this message after buying on Black Friday" is just a timing coincidence... but that still doesn't change the fact that Ledger fucked up originally and haven't done a great job of handling it. :-\

I really can't imagine that their server are still compromised, that would require some exceptionally bad incident response. Guess that's not impossible tho..

I received the latest "We are sorry to tell you that due to the new KYC regulations, your hardware device has been deactivated." message 2 days ago. It wasn't even personally addressed, it just said: "Dear <my.email @address.com>"... so I'm not even sure if it was from the Ledger leak, or is just a semi-targeted campaign using details from one of the many crypto service hacks :-\

~snip~

I don't think there are either. However, dkbit98 did share that reddit post (https://bitcointalk.org/index.php?topic=5284407.msg55766583#msg55766583) where a user claims that he received a phishing email after purchasing one of their devices.

I guess there's always the possibility of something being overlooked (the baddies are always so ingenious), for example: man-in-the-middle attack or even some sort of 'inside job'. As in the recent twitter case.
They may not even know they are leaking data. Purely speculation on my part, of course...

Another phishing email today. It is just not stopping. I am worried about one thing. I didn't receive email about 'ledger live' before and I never used ledger live either.

But recently I installed ledger live and used ledger live.  Now I am getting phishing email about ledger live!!

What about you? Have you received any bogus emails?

My friend, who my Ledger device was shipped to, received phishing mails, and I received some on email accounts that are not connected to Ledger at all. Who knows how these people operate and what kind of databases they have gotten their hands on. 

Nothing received yet on new email I created, but it is interesting that I didn't receive any legit email from Ledger also, even if I am subscribed to their newsletter, so maybe they shut it down totally I don't know  :D

Nothing received yet on new email I created, but it is interesting that I didn't receive any legit email from Ledger also, even if I am subscribed to their newsletter, so maybe they shut it down totally I don't know

...it's just a matter of time before they start targeting family members.

I just bought the Ledger two weeks ago. Now I am receiving a bunch of phishing emails I never got before from senders posing to be from Ledger.
I know there was a database breach a long time ago, but I just bought the Ledger X. Is there an inside employee leaking these emails? How can my email have been compromised within two weeks?

Given that every fucking scammer knows "here is an address of a person who might have a decent amount of crypto because they bought a hardware wallet" it's just a matter of time before they start targeting family members.

When you buy from a foreign country, outside of a trading block, duties are always tricky. I buy tons on cheap stuff on aliexpress and clearly nobody pays the taxes, it's just a game with the customs officer, sometimes you're caught and you pay.

A ledger being small they might go through fine most of the time.

Can you tell how phishing emails and taxes for goods is related?
Anyway, I think it's correct to compare Aliexpress and Ledger. When you buy from Ledger store, VAT is already added into final price. It depends on every seller what price they show on goods declaration and also it depends on customs of each country.
By the way, at least in Europe it won't be that easy to buy goods from China without paying taxes. From 2021, we will have to pay VAT for all goods from China, there will be no more exceptions for stuff which costs less than €22. Sorry if it's slightly off-topic :D.

Yet again another phishing email. This time in the name of new KYC rules!! >:(

https://i.imgur.com/RX39MfK.jpg

272.853 orders with full info details (Email, Addresses, Phone Number)
1.075.382 emails subscribed to newsletter

Better check if your email address is pwned and change it, oh and never trust ledger again:

Lots of reports on Reddit of people receiving ransom emails with their real name and address, and demanding payment to not be physically attacked. Horrendous.

28 times over the reported number, ledger shoot their own feet this time.

Yup, this is horrendous. The leak of 9,500 addresses was bad enough. The leak of 272 thousand addresses is horrendous. But that isn't even the worst thing. Ledger either lied and covered up the size of this leak, despite endless customer reports to the contrary, or were genuinely unaware of what data had been accessed, and this lasted for months. Either is inexcusable and unforgivable. There is zero trust left with Ledger.

Ledger confirmed.

They lied 100% like I said many times before

People who bought Ledger HW wallet definitely should check the dump file.

I get data from GitHub (link posted here (https://bitcointalk.org/index.php?topic=5250787.msg55888274#msg55888274) - forum link), but finding your data is a bit more difficult, so it would be very useful for someone to make a search option, just enough so that everyone can see if only their e-mail or all other data has been published.

People who bought Ledger HW wallet definitely should check the dump file.

They are claiming on Reddit that they did not lie, and the logs and investigation they performed revealed only 9,500 compromised addresses. As I said above, if they aren't lying then they are completely unaware about the security of their own systems, and someone managed to steal a quarter of million customers' details with Ledger being none the wiser. Not that it really matters - either is enough to never use them again.

----

Or suing them and asking for financial compensations would make them understand better how big is the fuckup they've made?

What can I do?

potential attackers don’t have (at least I hope they don’t) data on how much crypto we own.

~snip
Personally, I would very much like to join a class action lawsuit.

Who knows, they are close sourced; something that has been vastly criticized; and maybe somewhere in the code, the device sends a report on the assets each device cointains everytime you use Ledger Live. I wouldn't be surprised if such a thing was exposed right know; considering how crazy it's been since July.

Who knows, they are close sourced; something that has been vastly criticized; and maybe somewhere in the code, the device sends a report on the assets each device cointains everytime you use Ledger Live. I wouldn't be surprised if such a thing was exposed right know; considering how crazy it's been since July.

I really do not think that this is possible, it is good to check all the documents that you been checking while leaving your data on Ledger website, but I would be surprised if Ledger leaved any space for people to pull a lawsuit against them over data hacking

I highly doubt that ledger live is sending data regarding your account in some central database, it would be of no use for them and highly risky for users,

if they can, then they would be able to have access to your mnemonic phase or private key, prior to sending you device

And no one expected that Ledger were storing everyone's personal info in one big unencrypted, unprotected, and unsecured online database, and yet, here we are.

...Sad, but this is what it takes to be somewhat secure today.

At the time of the incident, in July, we engaged an external security organisation to conduct a forensic review of the logs available. This review of the logs enabled us to confirm that approximately 1 million email addresses had been stolen as well as 9,532 more detailed personal information (postal addresses, name, surname and phone number) that we were able to specifically identify.

The database publicly released yesterday shows that a larger subset of detailed information has been leaked, approximately 272,000 detailed information such as postal address, last name, first name and telephone number of our customers. These details are not available in the logs that we were able to analyse.

We regret to inform you that you are part of the approximately 272 000 customers whose detailed personal information was accessed by the unauthorized third party. Specifically, your name and surname, and your postal address were exposed.

We are still investigating, but early signs tell us that this indeed could be the contents of our e-commerce database from June, 2020

Not required. All you need to do is open Ledger Live and details of your addresses could be sent to their servers.

Makes the recent complains about ongoing leaks not that far fetched anymore, doesn't it.

---

I checked a few zip codes around me and what do you know - the number of ledger buyers per zip code follows known indicators of wealth for those areas, e.g. income and real estate prices. This might turn out to be a very valuable dataset for a wannabe burglar.

Burglars already know that wealthy neighborhoods have wealthy people.

What we should be worried about are home invaders, intent to maim and torture to get our crypto.

Maybe time to set up a decoy ledger/secondary PIN with something like 0,1BTC on it to give up to such invaders ?

yeah, but how can they relate address in Ledger live with you/personally, and your physical address

Burglars already know that wealthy neighborhoods have wealthy people.

They will have logs of the IP addresses which make orders through their website, and they could easily keep logs of the IP addresses that each Ledger Live connects from and which addresses they query. Not saying they do do this, but it is certainly possible.

Now there are reports on Reddit of people receiving scam emails about exchange accounts (notably Coinbase), as well as potential SIM swapping attacks. If you are on this list, at a minimum you should create a brand new email and move all your accounts over to this new email, and make sure you are using either a 2FA app or hardware key (NOT email or SMS) on all your accounts. Preferably change phone number too.

at a minimum you should create a brand new email and move all your accounts over to this new email, and make sure you are using either a 2FA app or hardware key (NOT email or SMS) on all your accounts. Preferably change phone number too.

Check their Terms of Service and Privacy Policy for how to go about doing so.

agree, they could also note the device serial number and transmit it through ledger live to connect to your purchase, but that will sound as they are not even legitimate company at all, and their main purpose is like stealing your funds in some way, isn't it?

They will have logs of the IP addresses which make orders through their website, and they could easily keep logs of the IP addresses that each Ledger Live connects from and which addresses they query. Not saying they do do this, but it is certainly possible.

Stealing something like a laptop or some jewellery and having to pawn them off second hand for a few hundred bucks without getting caught is one thing. Stealing tens or hundreds of thousands of dollars worth of bitcoin and knowing that you can make it untraceable is another.

----

New day brings a new phishing surprise. This time the story is directed and brought to you by our dear Prince Shaon.

New day brings a new phishing surprise. This time the story is directed and brought to you by our dear Prince Shaon. Prince Shaon didn't put much thought to it so he simple wrote from a gmail account. Ohh, bless him. Our prince suggests we all download his 'additional wallet' so that our accounts don't get hacked. Noble of him indeed. Too bad he signed the email like the Ledger CEO did in the genuine emails that were sent to users.

I would have preferred a signature by Prince Shaon instead. Makes me sad looking at it this way :'(

https://i.imgur.com/P9aBngj.png

Has anyone here clicked on the link that those scam/spam emails posted and if so, what is it?  Is it malware/keylogger or is it something else?  Like asking you to type your seed?  Could you lose your coins just clicking on those links?  Read about chrome extension and how someone got their coins stolen in it... when they used a hardware wallet... but it wasn't ledger or trezor.

You can't lose your coins from a Ledger (or other hardware wallets) simply by clicking on a link... That is the entire purpose of hardware wallets. You would need to have the device connected and explicitly authorise a transaction on the device itself to send a transaction, and the private keys/seeds are shielded from external applications.

The simple answer is that it doesn't matter what the link goes to (be it a fake version of Ledger Live, keylogger or a website asking for your 24 words), you simply should NOT click on it... it's obviously fake and a poor attempt to try and steal your coins.

So what happened here then? This person typed in his keepkey seed?

I saw this post on someone using a hardware wallet called keepkey and used a malicious chrome extension through google...  

So what happened here then? This person typed in his keepkey seed?  Again i don't know of any hardware wallets besides nano ledger and trezor... but this guy mentioned he used a hardware wallet.

Yea obviously you should not click on whatever link is in the email.  But i got to assume it has to be malware/keylogger at least right?  I can't imagine a hacker putting a link and you only get screwed if you actually type in your seed.  I mean... wouldn't they make it malware/keylogger as well so then they can get into your email or say keepass/lastpass and thus they find your seed somewhere there?

Also i assume the safe way to find out if a link has malware/keylogger or any malicious would be use a separate computer that uses linux or chromebook then?  Or even if you use a windows computer, make sure its like a throwaway computer or a testing computer so to speak... to see what it is?  I recall i saw some youtube video where a guy intentionally click on malware/virus/keylogger links to see what it did to their computer... and they used a virtual machine for that.

So someone installing a virtual machine or using linux/chromebook could possibly test this all out without risk to their main computer?  But would there be any danger to their internet though?

Which do you think is easier and quicker to make (and more likely to success)? ??? A website that says "hey this is Ledger website, please confirm your 24 word ledger seed here:" and harvests 24 word seeds... or create an installer for malware that goes targeting keepass/lastpass databases on the off chance the victim actually has those installed, and they actually stored their seed there (against all common sense and recommendations of NOT storing your seed digitally)? ???

I stand myself corrected; they sent a second email that did go straight to the spam folder;

Never heard about website Crypto-mails.com before and I can't even access it.

Someone has already mentioned that it is not the smartest thing to open such spam e-mails at all, because it is possible that those who send them use some methods to get your IP and some other information. In other words, you are letting the bad guys know that you are active and that it makes sense to keep trying to deceive you in some way.

Is it really possible for them to know IP address when you just open email without clicking any links? Because I've never hear about such thing before. If it's really possible, then probably it's not good idea to open these emails.

Yeah, it's possible. It's called Pixel-Tracking.

The good thing about Pixel-Tracking is that you can probably prevent it from getting to your private data by going into the settings of your email client and turning of the option for showing images from the email. And if the mail ends up in your spam folder, I think clients like Hotmail and Yahoo disable the option to display external images by default. I have read about Pixel-Tracking extensions and add-ons as well, but never tested any personally.  

Does anyone know what kind of font/formatting this is and why can't it be copy-pasted in a post on Bitcointalk?
I tried to look up those addresses on a block explorer, but they either don't exist or whatever font/formatting/encoding he used messed it all up. Neither of the two addresses can be copy/pasted into a block explorer after removing the special characters.

������������������������������������������

������������������������������������������

���� �� ��� ��. � ���� ���������� ����� ���.

�� ��������, ��� ���� ������ �� �������� � ���� ������ �� ������. � �� ����� �� ����� ��� ���� ����������� (��� ����) ���� ����� ���� ������� �� ���� ����.

�� ��� ����� ��� ���! ���, �� � ����� �� �� ����, ��� ��� ������� ��� ��� �������� ������������ ���� ��� ������ �� ��� ��� ���� ����� ����?

���������� �����? ���, �� �����'� ����� �� �� ���� ���. � ���� ���� ��� � ��� ��� �� ����.

���� �� ������ �.� ��� �� ���������������������������������������^^��� �� �� ��� �� ������������������^^������������������������ [����-���������, ���� ��� ����� ��, ��� ������ ^^ ���� ��] ������ ��� ���� ������ ���� �����, ��� � ���� ��� � ���� �� �� ����. ���� �������� ���� ���� �� ������ ��� � ���� ����� ��� ����� �������.

�� ��� ��� ������, ��� ���� �� ������� �� ������ �� ���� ������-���� �����, � ���� ��������� ���� ������� ����� ���� �� ���� ��� �� ������ ���� ������� ���� ���� �� �� ���.

� ���� ��� �� ��� ���� ����� ������ ����� ��� �������� �� ������ ��� ����� ������.

Those characters are unicode, which is why they don't show up in preview. The same is true of any unicode, such as custom emojis like this one - 😀

But it's "OK"... Ledger are now going to delete all our personal data "as fast as possible"

I assume that includes the data of the extra 20,000 victims of the Shopify leak that have come to light ::) ::)

But why would people with bad intention do it? Wouldn't it makes the email more likely filtered by spam filter feature?

At least it's useful for Ledger customer who're not affected by previous data leaks and future Ledger customer, assuming they actually and successfully do it.

There is a "Search engine" for the database leak here: https://www.argent.xyz/ledgerhack/

You simply enter your email address associated with your Ledger purchase and it will tell you if:

a. it didn't find that email address at all
b. it found only your email address in the leaked data
c. it found your email address and other details like address and phone number etc in the leaked data

But its for sure putting your email here won't do anything bad to it right? 

Security-wise, nothing can happen to your email address if you enter it there or on sites like haveibeenpwned. It might not be the best thing to do from a privacy perspective. Whoever created the site can connect anyone who enters his email there as being an owner of a Ledger device. Why else would you search his database?

Have you received targeted phishing emails already? If you have, your data has probably been leeked. If not, no reason to search the database because if your info was public somewhere, I doubt you could have gone this far without receiving some kind of crap. What this source can show you is if only your email got leeked, or more of your private info.

Also i receive ton of crypto like spam email... but its possibly that is coincidence?  I got to assume maybe even regular people receive ton of that spam mail nowadays?

My partner, who knows pretty much nothing about crypto (other than the fact that some of my crypto bought her some amazon giftcards for her B'day :P) gets emails every other day about Doge or Crypto.com or "DeFi" or <insert crypto "scam" here> etc... ::)

But i wonder if entering email address on the one hcp posted would be good or not because wouldn't they record any email address typed in though even though it says it won't?

I received targeting phishing emails a while back... the ones where it say we see your ledger has been logged in russia or some country like that etc.

That is a possibility, yes. No one can tell you that with certainty. Only the owner of the site can, and he can lie about it. If you think your data has been leeked, make a search to see what exactly is out there. But don't do it just to cure your curiosity. 

That's different. Spam mails like that were sent even before the Ledger hack. Have you received the type of emails described in this thread? The ones telling you your assets are at risk, and you need to download a new version of the LL software?

What i do know is my email when i put it on that site of haveibeenpwned.com does show yes though.


But of course im not sure putting my ledger email in that site is thus safe etc.


So i guess if you didn't get that specific email message of you need to download ledger live and update it... then most likely your are fine?  Now anyone here get any spam to phone number though?  Since its been said phone number could be leaked?

So i guess if you didn't get that specific email message of you need to download ledger live and update it... then most likely your are fine?

Now anyone here get any spam to phone number though?  Since its been said phone number could be leaked?