Author Topic: LedgerBot - New phishing on Ledger  (Read 202 times)
bitmover (OP)
July 29, 2019, 03:27:37 PM
Merited by DaveF (2), The Sceptical Chymist (2), bones261 (2), hugeblack (1)
 #1

I saw this on Reddit. Some people have been robbed already.
https://www.reddit.com/r/ledgerwallet/comments/cj9xo0/new_ledger_bot_trying_to_obtain_private_key_and/



Never write the seed you received from your hardware wallet device anywhere, just on paper. Never on a computer or phone.

GreatArkansas
July 29, 2019, 10:45:59 PM
 #2

So this is someone who is not connected to Ledger Wallet nor on their development team, right?
As the Ledger CTO said, we can easily report the user /u/LedgerBot.
bob123
July 30, 2019, 08:00:53 AM
 #3

Do you have any more information regarding the URL?

Does it only display ledger.com but link to a completely different site? Is this even possible on Reddit?
Or was there some kind of advanced attack (spoofing of any kind, etc.)?

I wasn't able to gather anything related to that from the Reddit post.

Rath_
aka BitCryptex
July 30, 2019, 08:31:53 AM
Merited by bob123 (1)
 #4

Quote from: bob123
Do you have any more information regarding the URL?

Yes, it was a hyperlink. This user clicked on https://www.ledger.com/helpdesk/bip39tool/ but in fact he accessed a different website. If he had copied the address manually or moved his mouse cursor over the link, he would have noticed that something was wrong. The user did not check the address bar immediately after accessing the website.
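
The mismatch described in post #4, link text that shows one address while the link itself leads elsewhere, can be checked mechanically. The following is an added example, not part of any post in this thread; the function and class names are hypothetical, the sample HTML is constructed, and the destination host is a placeholder because the thread does not name the real one.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Link text that itself claims to be a URL or bare host name.
URLISH = re.compile(r"^(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?#]\S*)?$", re.I)

def host_of(value):
    """Lower-cased host of a URL or bare host string ('www.' dropped), or None."""
    value = value.strip()
    if "://" not in value:
        value = "//" + value  # make urlsplit read a bare host as the netloc
    host = urlsplit(value).hostname
    return host.lower().rstrip(".").removeprefix("www.") if host else None

class LinkAudit(HTMLParser):
    """Collects (shown_text, href) pairs where the text names one host and href another."""
    def __init__(self):
        super().__init__()
        self.href, self.text, self.mismatches = None, [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown = "".join(self.text).strip()
        if URLISH.match(shown) and host_of(shown) != host_of(self.href):
            self.mismatches.append((shown, self.href))
        self.href = None

def find_deceptive_links(html):
    audit = LinkAudit()
    audit.feed(html)
    return audit.mismatches

# Constructed sample: the destination host is a placeholder, not the real phishing site.
SAMPLE = (
    '<p>See <a href="https://ledger-helpdesk.example/bip39tool/">'
    'https://www.ledger.com/helpdesk/bip39tool/</a> or read '
    '<a href="https://www.ledger.com/">ledger.com</a>.</p>'
)
print(find_deceptive_links(SAMPLE))
```

Only links whose visible text looks like an address are compared, so ordinary "click here" links are not flagged; treating `www.` as equivalent to the bare domain is a simplification.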
Lucius
July 30, 2019, 09:30:02 AM
 #5

I reported the same thing on 19 July in this thread; it is the same type of attack with only slightly differently formatted instructions. It all comes down to trying to convince an inexperienced user to type his 24 word seed in some fake tool.

I guess hackers will try with this attack on Reddit as long as there is some success for them, and creating new accounts and posting is free.

Pmalek
July 30, 2019, 09:33:38 AM
 #6

Unknowing users are making it so easy for these scammers. It is stated everywhere that your seed words should be written down by hand and stored in a safe place. It should never be uploaded or stored online for any reason. And that is exactly what people do. All the scammers need to do is make up a new story why you need to send them your seed and it will work.

The Sceptical Chymist
July 31, 2019, 05:06:59 PM
 #7

Quote from: Rath_
Yes, it was a hyperlink. This user clicked on https://www.ledger.com/helpdesk/bip39tool/ but in fact he accessed a different website. If he had copied the address manually or moved his mouse cursor over the link, he would have noticed that something was wrong. The user did not check the address bar immediately after accessing the website.

Holy crap. And OP, thanks for posting the warning. I've owned a Ledger for about a month now, so I've been reading stuff in this section about it and could well have fallen for the same thing.

Quote from: Pmalek
It is stated everywhere that your seed words should be written down by hand and stored in a safe place. It should never be uploaded or stored online for any reason.

That's probably the only reason I wouldn't have gotten scammed, because I'm not entering my seed phrase onto anything anytime soon, but I suspect if my Ledger breaks or something like that I'll eventually have to. Good to know about these sorts of scams.

Quote from: Lucius
I guess hackers will try with this attack on Reddit as long as there is some success for them, and creating new accounts and posting is free.

Freakin' Reddit, man. I avoid them like the plague, even if there's occasionally some good information posted there about crypto. Don't know exactly why, but that entire site gives me a very bad vibe.

o_e_l_e_o
In memoriam
July 31, 2019, 06:18:01 PM
 #8

Quote from: The Sceptical Chymist
That's probably the only reason I wouldn't have gotten scammed, because I'm not entering my seed phrase onto anything anytime soon, but I suspect if my Ledger breaks or something like that I'll eventually have to.

If you do ever have to enter your mnemonic phrase into any electronic device, regardless of how secure you think it may be, best practice is to assume it will immediately be compromised. On the one occasion I have had to do it, I had a new wallet already set up, with a new mnemonic phrase written down and stored securely, and a receiving address ready to go. As soon as I restored my old wallet, I immediately swept everything it contained to the new wallet.

You can't be too safe when dealing with your mnemonic phrase. If you have entered your phrase somewhere in the past, and think no one has access because your coins haven't been stolen yet, they might simply be watching and waiting for you to make a larger deposit. Would you bet all your wallet's contents on it being safe?