Bitcoin Forum
November 07, 2024, 12:14:58 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: IMPORTANT WARNING for Ledger user, it has been attacked by malware.  (Read 229 times)
The Cryptovator (OP)
Legendary
*
Offline Offline

Activity: 2394
Merit: 2223

Signature space for rent


View Profile WWW
April 25, 2019, 05:36:45 PM
Last edit: April 25, 2019, 05:48:54 PM by Coolcryptovator
 #1

Duplicate post isn't allow by forum, but unfortunately not much peoples are active on wallet section. So in order to help Ledger  user I will post my warning topic link here. Please read this topic if you are using Ledger , WARNING! Ledger detected a malware . Don't fall any malware attack, save your crypto.

Signature Space for Rent
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
April 25, 2019, 05:46:09 PM
 #2

For clarity so people won't panic: Ledger has NOT been compromised. Your wallets are pretty much safe as long as your computer doesn't get infected by this malware. It's an attack on user's Windows computers, not on the Ledger device, or Ledger's software.

Based on Ledger's tweet[1], the fraudulent software asks the users to re-enter the 24-word seed on the computer, whereas if you aren't stupid, you definitely wouldn't do.




[1] https://twitter.com/Ledger/status/1121439219086495745

» t3rminal.xyz «
Telegram Alert Bots for Traders
whotookmycrypto
Full Member
***
Offline Offline

Activity: 168
Merit: 214


WhoTookMyCrypto.com


View Profile WWW
April 26, 2019, 01:29:48 AM
Last edit: April 26, 2019, 02:25:13 AM by whotookmycrypto
 #3

Yeah if users understood the purpose of a hardware wallet they probably wouldn't have fallen for this ie. It's function is to achieve a separation between your keys and your desktop. Entering your seed into a desktop application just defeats the whole purpose of having one.

Your seeds should only be entered into your hardware device, never on your desktop / other electronic devices.

Lakai01
Legendary
*
Offline Offline

Activity: 2478
Merit: 2898


Enjoy 500% bonus + 70 FS


View Profile
April 26, 2019, 04:16:41 AM
 #4

Thanks for the clarification mjglqw! Was shocked when I read the headline Wink

Well made phishing attempt in my opinion, I am sure that a lot of lesser advanced users are going to enter the passphrase ...


█████████████████████████▄▄▄
████████████████████████▐███▌
█████████████████████████▀▀▀
██▄▄██▄████████████████████████▄███▄
▐██████▐█▌████▌███▌▐███▐███▀▀████▌
▀▀███▌██▌▐████▌▐███
█████▌███▌██████▌
██▐██████████████████▐███▐██████▐███
█████▌████████▐██████████▌███▌██████▌
███▀▀████▀▀████▀▀▀█████▀▀███▀▀█████▀▀


▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
|
▄▄█████████████████▄▄
███████████████████████
██████████▀▀▀▀▀██████████
███████▀░▄█████▄░▀███████
██████░▄█▀░░▄░░▀█▄░██████
█████░██░░▄███▄░░██░█████
█████░██░███████░██░█████
█████░██░░▀▀█▀▀░░██░█████
██████░▀█▄░▀▀▀░▄█▀░██████
███████▄░▀█████▀░▄███████
██████████▄▄▄▄▄██████████
███████████████████████
▀▀█████████████████▀▀
 
LICENSED CRYPTO
CASINO & SPORTS
|
▄▄█████████████████▄▄
███████████████████████
█████████████████████████
███████████████▀▀████████
███████████▀▀█████▐█████
███████▀▀████▄▄▀█████████
█████▄▄██▄▄██▀████▐██████
███████████▀█████████████
██████████▄▄███▐███████
███████████████▄████████
█████████████████████████
███████████████████████
▀▀█████████████████▀▀
 
TELEGRAM
APP
|
..WELCOME BONUS..
500% + 70 FS
 
.
..PLAY NOW..
mk4
Legendary
*
Offline Offline

Activity: 2926
Merit: 3881


📟 t3rminal.xyz


View Profile WWW
April 26, 2019, 11:02:58 AM
 #5

Thanks for the clarification mjglqw! Was shocked when I read the headline Wink

Well made phishing attempt in my opinion, I am sure that a lot of lesser advanced users are going to enter the passphrase ...

Yea, it was pretty much somewhat like a phishing attempt, that's far more convincing(for the uneducated) as the users think they're still opening the same program on their computer. I won't be surprised if the casualties are high on this fiasco.

» t3rminal.xyz «
Telegram Alert Bots for Traders
bill gator
Legendary
*
Offline Offline

Activity: 1372
Merit: 1123



View Profile
April 26, 2019, 07:20:48 PM
 #6

Essentially this requires a series of unfortunate events in order for your coins to be stolen. As secure as hardware wallets are, you would be safer using them on a secure system that is not utilized for regular browsing, torrenting, gaming, etc. So you'd have to fail that test, and get yourself a virus to start the chain. Then, you have to fall for the phishing attempt that the virus prompts. I'm not a ledger user, but Trezor has literally never asked me for my seed, and I would find it very suspicious if it suddenly did.

Moral of the story, don't use your wallet on a potentially infected system and when in doubt do not provide your seed. Sounds like common sense and due diligence come out on top again!

I'll remain calm until the hardware wallets themselves become vulnerable without handing over your private key.
ranman09
Full Member
***
Offline Offline

Activity: 756
Merit: 112


View Profile
April 27, 2019, 03:45:16 AM
 #7

For clarity so people won't panic: Ledger has NOT been compromised. Your wallets are pretty much safe as long as your computer doesn't get infected by this malware. It's an attack on user's Windows computers, not on the Ledger device, or Ledger's software.

Based on Ledger's tweet[1], the fraudulent software asks the users to re-enter the 24-word seed on the computer, whereas if you aren't stupid, you definitely wouldn't do.




[1] https://twitter.com/Ledger/status/1121439219086495745

Oh so it's mostly an attack for those who doesn't know how to use Ledger. Well, as per my experience, you will use the recovery keys on the Ledger device itself. You will need to type in the each words in the Ledger device. Don't worry its with the use of it's word prediction AI.

A useful video here from Ledger -
https://www.google.com/search?q=how+to+recover+a+wallet+in+Ledger+Nano+S&oq=how+to+recover+a+wallet+in+Ledger+Nano+S&aqs=chrome..69i57j0.15640j0j1&sourceid=chrome&ie=UTF-8#kpvalbx=1 (link is a clip from google)
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!