Bitcoin Forum

Economy => Service Discussion => Topic started by: BitcoinGirl.Club on November 09, 2020, 04:52:24 PM



Title: Ledger live client compromised email
Post by: BitcoinGirl.Club on November 09, 2020, 04:52:24 PM
Due to busy schedule in the real life, I was not checking my email regularly from last few weeks. I was cleaning up my inbox and spotted some emails that were sent from Ledger.

https://i.imgur.com/qKBk5Vy.png

From my last experience of hacking my email account, I am now in doubt to verify if this is really the news or it's something else. I googled about Ledger live update and did not see anything at all. Can anyone who use Ledger Liver please help me out to understand all these?

Emails came from
Code:
noreply@ledger.com
info@ledgersupport.io
support@legder.com

And there were downloadable links
Code:
http://url2330.legder.com/ls/click?upn=TLxmY63pt7lFVw4Tl2qK9quhzKtzT2ZXo5e9Kq6fflQBilzmpFhrqYvFFNHij-2FUD3-2BP1GAAzI6JJ5ynL9-2BrJxfTBmO2lM-2BLvLkFd1HmxP3c-3DLjEo_LRmZwZTIHdvEbXw2vhgkxhrpew2YjUGw06w6-2BTLG8We54bWZ2Pf-2FE5XfDuXLszPx8UTtX44IWwqt4WCcdkO0cSKcBx73ZM3U6fNDWBBc1P0nXbJAIwg7UQ1qrjqAeR3kPk-2FaB-2F4JcPZyfh5PsMBh3oLQwzWVMYdOrt9jyEl6hret7XcEahlItarJFGTse0OLbpMZnc9N6tatnFYvfkCzoUX9p3qgb4UKxH-2FygQS5ZFU-3D
Code:
https://u513766.ct.sendgrid.net/ls/click?upn=-2BylhWESfAB0n1QuGZOXPjOU6zm0VBIs2wF4dtPw-2F8O2jel4Obyg78tJpb80cgFmVyR7H-2BdQKZaRr1sVjees5uR457-2Bgc84kWQGvnyOp1Fwc-3DKPBA_LRmZwZTIHdvEbXw2vhgkxhrpew2YjUGw06w6-2BTLG8Wdix4z4cJroQOWaVFZxslFh0mh6zypdlWiMymWWEG-2BAh5b7DF5L5EbPYU-2ByGeWEjOCprSf5NR4qdZ58pPMsebEukWMmLiWZL3CPoLfBZDGtwN6ewRAHx-2Fx8Qg8SXpV77M0YhgHKjLdbHeqnd4tlTWzkFFyF62sIYi73ckYnZWy-2Fc2Off2yeV69TXWgPrzZEgXA-3D

Thanks


Title: Re: Ledger live client compromised email
Post by: BitcoinGirl.Club on November 09, 2020, 04:52:59 PM
Reserved


Title: Re: Ledger live client compromised email
Post by: LeGaulois on November 09, 2020, 04:58:07 PM
It's a phishing email. If you click the link inside you will notice a different domain name, and the website will ask you to enter your seed. It's also possible you receive some SMS since Ledger's database has been compromised (https://decrypt.co/37063/bitcoin-wallet-ledgers-database-hacked-for-1-million-emails) this summer

See below


https://nsa40.casimages.com/img/2020/10/31/201031110755800494.jpg (https://www.casimages.com/i/201031110755800494.jpg.html)



https://nsa40.casimages.com/img/2020/10/31/20103111104942718.jpg (https://www.casimages.com/i/20103111104942718.jpg.html)




There are different threads talking about it
https://bitcointalk.org/index.php?topic=5284407.new
https://bitcointalk.org/index.php?topic=5284388.0
https://bitcointalk.org/index.php?topic=5284414.0


Title: Re: Ledger live client compromised email
Post by: TryNinja on November 09, 2020, 05:01:45 PM
What is the content of the messages?

Ledger's ecommerce database was hacked some time ago, and recently another user accused them of hiding the fact that they were also hacked a second time, for their affiliate database.

This means that someone probably has your name, email, phone number and even physical address. And they can send you fake SMS or emails pretending to be Ledger and asking you to download fake "updates" and/or sending them your backup seed.

The first email "beware of ongoing phishing campaigns" seems to be legit, and I also received it. The other two are sketchy. If they say something along the lines of this email, then those are the hackers trying to steal your coins:

https://i.redd.it/nfdarc1a3dv51.jpg

https://preview.redd.it/bze57nxfyvx51.jpg?width=1080&format=pjpg&auto=webp&s=a1f5905ed9a82b8a7fc068b69e6a398f08ef32b5

Here is Ledger's FAQ about the hack: https://support.ledger.com/hc/en-us/articles/360015559320

[1] https://www.reddit.com/r/ledgerwallet/comments/ji7pp9/scam_email/
[2] https://www.reddit.com/r/ledgerwallet/comments/jpynbb/text_message_scam/

edit: typo


Title: Re: Ledger live client compromised email
Post by: BitcoinGirl.Club on November 09, 2020, 05:05:42 PM
It's a phishing email. If you click the link inside you will notice a different domain name, and the website will ask you to enter your seed.

I have no idea who are these fuckers and what they want from me? It seems they are after me from long time. Not long ago one of my email address was compromised (https://bitcointalk.org/index.php?topic=5266384.0) and with that my Bitcointalk account and other online accounts were at risk. I had to go through all these hassle to change email address in everything. This sucks man!

Fortunately this account is not associated with any account I have but I remember I used this email when I ordered my Ledger long ago. How did the phisher got my email then?


Title: Re: Ledger live client compromised email
Post by: TryNinja on November 09, 2020, 05:11:36 PM
I have no idea who are these fuckers and what they want from me? It seems they are after me from long time.
They are sending those emails to everyone who's email got leaked by Ledger's team. I don't think that's personal, they just want you (and everybody else) to send them your wallet backup seed/coins.

but I remember I used this email when I ordered my Ledger long ago. How did the phisher got my email then?
We just said Ledger's ecommerce database was hacked. If you ever put your email there when ordering a Ledger, then that's how they got it.

https://support.ledger.com/hc/en-us/articles/360015559320


Title: Re: Ledger live client compromised email
Post by: BitcoinGirl.Club on November 09, 2020, 05:45:55 PM
TryNinja

https://i.imgur.com/710DeTd.png https://i.imgur.com/nloY58V.png

Good to hear that it was not personal. I was feeling frustrated LOL

We just said Ledger's ecommerce database was hacked. If you ever put your email there when ordering a Ledger, then that's how they got it.

https://support.ledger.com/hc/en-us/articles/360015559320
Yes this is assuring. Weird thing is the hacker has my home address at that time I used to live LOL
Shit happened eventually.

There are different threads talking about it
https://bitcointalk.org/index.php?topic=5284407.new
https://bitcointalk.org/index.php?topic=5284388.0
https://bitcointalk.org/index.php?topic=5284414.0
I missed all of them brother. Lately I am not devoting much time on the forum. It's just some other things I have to look after.


Title: Re: Ledger live client compromised email
Post by: TryNinja on November 09, 2020, 06:08:57 PM
https://i.imgur.com/710DeTd.png https://i.imgur.com/nloY58V.png
Yep. The first one with the download button is 100% a scam. Don't you dare to click on that button. :D

The other one is legit.


Title: Re: Ledger live client compromised email
Post by: BitcoinGirl.Club on November 09, 2020, 06:20:37 PM
https://i.imgur.com/710DeTd.png https://i.imgur.com/nloY58V.png
Yep. The first one with the download button is 100% a scam. Don't you dare to click on that button. :D

The other one is legit.
YES SIR! 😛

Thanks both of you to share your knowledge. This thread has no more use now.