IMPORTANT WARNING for Ledger user, it has been attacked by malware.

[The Cryptovator]

Duplicate post isn't allow by forum, but unfortunately not much peoples are active on wallet section. So in order to help Ledger  user I will post my warning topic link here. Please read this topic if you are using Ledger , WARNING! Ledger detected a malware . Don't fall any malware attack, save your crypto.

[mk4]

For clarity so people won't panic: Ledger has NOT been compromised. Your wallets are pretty much safe as long as your computer doesn't get infected by this malware. It's an attack on user's Windows computers, not on the Ledger device, or Ledger's software.

Based on Ledger's tweet[1], the fraudulent software asks the users to re-enter the 24-word seed on the computer, whereas if you aren't stupid, you definitely wouldn't do.



[1] https://twitter.com/Ledger/status/1121439219086495745

[whotookmycrypto]

Yeah if users understood the purpose of a hardware wallet they probably wouldn't have fallen for this ie. It's function is to achieve a separation between your keys and your desktop. Entering your seed into a desktop application just defeats the whole purpose of having one.

Your seeds should only be entered into your hardware device, never on your desktop / other electronic devices.

[Lakai01]

Thanks for the clarification mjglqw! Was shocked when I read the headline

Well made phishing attempt in my opinion, I am sure that a lot of lesser advanced users are going to enter the passphrase ...

[mk4]

Thanks for the clarification mjglqw! Was shocked when I read the headline

Well made phishing attempt in my opinion, I am sure that a lot of lesser advanced users are going to enter the passphrase ...

Yea, it was pretty much somewhat like a phishing attempt, that's far more convincing(for the uneducated) as the users think they're still opening the same program on their computer. I won't be surprised if the casualties are high on this fiasco.

[bill gator]

Essentially this requires a series of unfortunate events in order for your coins to be stolen. As secure as hardware wallets are, you would be safer using them on a secure system that is not utilized for regular browsing, torrenting, gaming, etc. So you'd have to fail that test, and get yourself a virus to start the chain. Then, you have to fall for the phishing attempt that the virus prompts. I'm not a ledger user, but Trezor has literally never asked me for my seed, and I would find it very suspicious if it suddenly did.

Moral of the story, don't use your wallet on a potentially infected system and when in doubt do not provide your seed. Sounds like common sense and due diligence come out on top again!

I'll remain calm until the hardware wallets themselves become vulnerable without handing over your private key.

[ranman09]

For clarity so people won't panic: Ledger has NOT been compromised. Your wallets are pretty much safe as long as your computer doesn't get infected by this malware. It's an attack on user's Windows computers, not on the Ledger device, or Ledger's software.

Based on Ledger's tweet[1], the fraudulent software asks the users to re-enter the 24-word seed on the computer, whereas if you aren't stupid, you definitely wouldn't do.



[1] https://twitter.com/Ledger/status/1121439219086495745

Oh so it's mostly an attack for those who doesn't know how to use Ledger. Well, as per my experience, you will use the recovery keys on the Ledger device itself. You will need to type in the each words in the Ledger device. Don't worry its with the use of it's word prediction AI.

A useful video here from Ledger -
https://www.google.com/search?q=how+to+recover+a+wallet+in+Ledger+Nano+S&oq=how+to+recover+a+wallet+in+Ledger+Nano+S&aqs=chrome..69i57j0.15640j0j1&sourceid=chrome&ie=UTF-8#kpvalbx=1 (link is a clip from google)