[Warning]: Fake Ledger site

[TravelMug]

What happened: Fake Ledger Site

Website:

Code:

https://restore-ledgerwallet.org/unlock/mnemonic.html

Archived: https://archive.is/ak07X



Whois information:

Registrant Org    WhoisGuard, Inc.
Registrant Country    pa
Registrar    NameCheap, Inc.
IANA ID: 1068
URL: http://www.namecheap.com
Whois Server: whois.namecheap.com

(p)
Registrar Status    serverTransferProhibited
Dates    51 days old
Created on 2020-09-17
Expires on 2021-09-17
Updated on 2020-09-17    
 
Name Servers    DNS1.NAMECHEAPHOSTING.COM (has 957,823 domains)
DNS2.NAMECHEAPHOSTING.COM (has 957,823 domains)
   
 
Tech Contact    —
IP Address    192.64.118.17 - 445 other sites hosted on this server

It seems that this website has been existing for a couple of months now without us noticing it.

Not sure if someone has fallen for it, but we will always assume that this kind of website can still get someone a victim. So again, community help is needed to report this kind of malicious websites.

[Jating]

It's probably not the best phishing site out there, that's why it is not reported as other fake sites who looks extremely the same with the original, the UI and the feel of the website itself. Maybe subtle difference for an experience eye like no SSL certificate and asking for your mnemonic phrase which is a big no-no for Ledger.

Also this kind of phishing site has been growing because of the supposedly leaked info of Ledger users. So if you are a ledger user yourself, don't response to any email or call or sms because most likely this is a scam attempt.

[$crypto$]

It's that simple they make a phishing site when opening the site so they are told to enter their private key. This is ridiculous and there are no good skills. lol

I believe that if a phishing site like this would not have anyone fall in love with this trap they would realize that this fake Ledger is not influenced by anyone, we will be aware of many things like this ourselves.

[bL4nkcode]

I guess most users who have a hardware wallet like ledger knew the risks of exposing their recovery seed to any website or software aside from using related apps only with their ledger and its USB connector.

So it's good to assume that once a hardware wallet user knows already this kind of scams, well, except to clipboard malware and downloading fake ledger apps since it's hard to detect especially to those who are fond of downloading random apps on their device without using any device protection such av.

[TalkStar]

Not sure if someone has fallen for it, but we will always assume that this kind of website can still get someone a victim. So again, community help is needed to report this kind of malicious websites.

I have seen exactly same frontend in some phishing electrum sites and IMO this one is running by the same group of scammers. Thanks for letting us know about this and i believe that Ledger users are not gonna share their wallet information on this kinda fake platforms.  

I guess most users who have a hardware wallet like ledger knew the risks of exposing their recovery seed to any website or software aside from using related apps only with their ledger and its USB connector.

Yeah you are right. From my personal experience i can tell that after spending a good amount of time in crypto world people learn about hardware wallets and at-least ledger users will not gonna give scammers easy chances to steal their assets.

[The Cryptovator]

Whoever has been using Ledger device I think they have enough knowledge to avoid such a phishing attempt. What is the point of using a hardware wallet if we input our mnemonic phrases online? Doesn't matter it's a phishing site or an original site, entering mnemonic phrases means you are throwing yourself at risk.

Anyway, thanks for sharing with the community. Hope no one has fallen into this trap, and others would learn from this post.

[Yaunfitda]

Unfortunately, Ledger owners lose 1.1 million XRP to scam site .

Someone losses big amount to such fake and malicious Ledger apps out there. So be careful for all Ledger users as cyber actors have been targeting a lot of it's customers since the data breach.

[Raflesia]

Unfortunately, Ledger owners lose 1.1 million XRP to scam site .

Someone losses big amount to such fake and malicious Ledger apps out there. So be careful for all Ledger users as cyber actors have been targeting a lot of it's customers since the data breach.

It's crazy that there are people who lose so much in the Ledger apps, it's really unexpected that scamer will take a big profit from the results of the scam phishing site they created, this is too complacent so that the victim becomes trapped in a situation that doesn't know what will happen.

Scamer will continue to be the main culprit in the world of fraud and it will keep track of what's happening in the community.

[Lucius]

For those who don't know how to report phishing the direct link is : https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

Also, if you are using Firefox (possibly the same with Chrome) click on the menu (three dashes at the top right) -> Help -> Report a deceptive page. In my experience, it helps if you include the original site in the report, so that those who handle the report can more easily decide that it is really a malicious site.

[sunsilk]

Thanks for the notice. As we go in the bull run, these phishing sites for Ledger and other common wallets will exist. And if they got busted and receive massive report, they'll just go with another one. These scammers do it for their living.

Whoever has been using Ledger device I think they have enough knowledge to avoid such a phishing attempt.

I agree but there are users that are still not aware of these tricks. They believe the website as long as it has "ledger" name on its domain. We've seen several incidents that it happened. Hoping that this time, there are going to be lesser or at least no more incident like that.