Title: Ledger live client compromised email Post by: BitcoinGirl.Club on November 09, 2020, 04:52:24 PM Due to busy schedule in the real life, I was not checking my email regularly from last few weeks. I was cleaning up my inbox and spotted some emails that were sent from Ledger.
https://i.imgur.com/qKBk5Vy.png From my last experience of hacking my email account, I am now in doubt to verify if this is really the news or it's something else. I googled about Ledger live update and did not see anything at all. Can anyone who use Ledger Liver please help me out to understand all these? Emails came from Code: noreply@ledger.com And there were downloadable links Code: http://url2330.legder.com/ls/click?upn=TLxmY63pt7lFVw4Tl2qK9quhzKtzT2ZXo5e9Kq6fflQBilzmpFhrqYvFFNHij-2FUD3-2BP1GAAzI6JJ5ynL9-2BrJxfTBmO2lM-2BLvLkFd1HmxP3c-3DLjEo_LRmZwZTIHdvEbXw2vhgkxhrpew2YjUGw06w6-2BTLG8We54bWZ2Pf-2FE5XfDuXLszPx8UTtX44IWwqt4WCcdkO0cSKcBx73ZM3U6fNDWBBc1P0nXbJAIwg7UQ1qrjqAeR3kPk-2FaB-2F4JcPZyfh5PsMBh3oLQwzWVMYdOrt9jyEl6hret7XcEahlItarJFGTse0OLbpMZnc9N6tatnFYvfkCzoUX9p3qgb4UKxH-2FygQS5ZFU-3D Code: https://u513766.ct.sendgrid.net/ls/click?upn=-2BylhWESfAB0n1QuGZOXPjOU6zm0VBIs2wF4dtPw-2F8O2jel4Obyg78tJpb80cgFmVyR7H-2BdQKZaRr1sVjees5uR457-2Bgc84kWQGvnyOp1Fwc-3DKPBA_LRmZwZTIHdvEbXw2vhgkxhrpew2YjUGw06w6-2BTLG8Wdix4z4cJroQOWaVFZxslFh0mh6zypdlWiMymWWEG-2BAh5b7DF5L5EbPYU-2ByGeWEjOCprSf5NR4qdZ58pPMsebEukWMmLiWZL3CPoLfBZDGtwN6ewRAHx-2Fx8Qg8SXpV77M0YhgHKjLdbHeqnd4tlTWzkFFyF62sIYi73ckYnZWy-2Fc2Off2yeV69TXWgPrzZEgXA-3D Thanks Title: Re: Ledger live client compromised email Post by: BitcoinGirl.Club on November 09, 2020, 04:52:59 PM Reserved
Title: Re: Ledger live client compromised email Post by: LeGaulois on November 09, 2020, 04:58:07 PM It's a phishing email. If you click the link inside you will notice a different domain name, and the website will ask you to enter your seed. It's also possible you receive some SMS since Ledger's database has been compromised (https://decrypt.co/37063/bitcoin-wallet-ledgers-database-hacked-for-1-million-emails) this summer
See below https://nsa40.casimages.com/img/2020/10/31/201031110755800494.jpg (https://www.casimages.com/i/201031110755800494.jpg.html) https://nsa40.casimages.com/img/2020/10/31/20103111104942718.jpg (https://www.casimages.com/i/20103111104942718.jpg.html) There are different threads talking about it https://bitcointalk.org/index.php?topic=5284407.new https://bitcointalk.org/index.php?topic=5284388.0 https://bitcointalk.org/index.php?topic=5284414.0 Title: Re: Ledger live client compromised email Post by: TryNinja on November 09, 2020, 05:01:45 PM What is the content of the messages?
Ledger's ecommerce database was hacked some time ago, and recently another user accused them of hiding the fact that they were also hacked a second time, for their affiliate database. This means that someone probably has your name, email, phone number and even physical address. And they can send you fake SMS or emails pretending to be Ledger and asking you to download fake "updates" and/or sending them your backup seed. The first email "beware of ongoing phishing campaigns" seems to be legit, and I also received it. The other two are sketchy. If they say something along the lines of this email, then those are the hackers trying to steal your coins: https://i.redd.it/nfdarc1a3dv51.jpg https://preview.redd.it/bze57nxfyvx51.jpg?width=1080&format=pjpg&auto=webp&s=a1f5905ed9a82b8a7fc068b69e6a398f08ef32b5 Here is Ledger's FAQ about the hack: https://support.ledger.com/hc/en-us/articles/360015559320 [1] https://www.reddit.com/r/ledgerwallet/comments/ji7pp9/scam_email/ [2] https://www.reddit.com/r/ledgerwallet/comments/jpynbb/text_message_scam/ edit: typo Title: Re: Ledger live client compromised email Post by: BitcoinGirl.Club on November 09, 2020, 05:05:42 PM It's a phishing email. If you click the link inside you will notice a different domain name, and the website will ask you to enter your seed. I have no idea who are these fuckers and what they want from me? It seems they are after me from long time. Not long ago one of my email address was compromised (https://bitcointalk.org/index.php?topic=5266384.0) and with that my Bitcointalk account and other online accounts were at risk. I had to go through all these hassle to change email address in everything. This sucks man!Fortunately this account is not associated with any account I have but I remember I used this email when I ordered my Ledger long ago. How did the phisher got my email then? Title: Re: Ledger live client compromised email Post by: TryNinja on November 09, 2020, 05:11:36 PM I have no idea who are these fuckers and what they want from me? It seems they are after me from long time. They are sending those emails to everyone who's email got leaked by Ledger's team. I don't think that's personal, they just want you (and everybody else) to send them your wallet backup seed/coins.but I remember I used this email when I ordered my Ledger long ago. How did the phisher got my email then? We just said Ledger's ecommerce database was hacked. If you ever put your email there when ordering a Ledger, then that's how they got it.https://support.ledger.com/hc/en-us/articles/360015559320 Title: Re: Ledger live client compromised email Post by: BitcoinGirl.Club on November 09, 2020, 05:45:55 PM TryNinja
https://i.imgur.com/710DeTd.png https://i.imgur.com/nloY58V.png Good to hear that it was not personal. I was feeling frustrated LOL We just said Ledger's ecommerce database was hacked. If you ever put your email there when ordering a Ledger, then that's how they got it. Yes this is assuring. Weird thing is the hacker has my home address at that time I used to live LOL https://support.ledger.com/hc/en-us/articles/360015559320 Shit happened eventually. There are different threads talking about it I missed all of them brother. Lately I am not devoting much time on the forum. It's just some other things I have to look after.https://bitcointalk.org/index.php?topic=5284407.new https://bitcointalk.org/index.php?topic=5284388.0 https://bitcointalk.org/index.php?topic=5284414.0 Title: Re: Ledger live client compromised email Post by: TryNinja on November 09, 2020, 06:08:57 PM https://i.imgur.com/710DeTd.png https://i.imgur.com/nloY58V.png Yep. The first one with the download button is 100% a scam. Don't you dare to click on that button. :DThe other one is legit. Title: Re: Ledger live client compromised email Post by: BitcoinGirl.Club on November 09, 2020, 06:20:37 PM https://i.imgur.com/710DeTd.png https://i.imgur.com/nloY58V.png Yep. The first one with the download button is 100% a scam. Don't you dare to click on that button. :DThe other one is legit. Thanks both of you to share your knowledge. This thread has no more use now. |