Phishing attacks are nothing new in the cryptocurrency world. Especially exchange and online wallet users are targeted through this method. It now seems some criminals turned their attention to the Ledger hardware wallet. Customers are receiving fake emails claiming their device is faulty and how they need to visit a specific website to “check if their device is vulnerable”.
The New Ledger Scam
When it comes to popular cryptocurrency hardware wallets, Ledger is often part of the discussion. Their devices are affordable, convenient, and support a plethora of currencies, tokens, and assets. It is this popularity that is now working against the company, at least where the latest phishing scam is concerned. It appears a new fake mail is making the rounds, and it targets users of this specific brand of cryptocurrency hardware wallet.
In the email, users are notified of how their wallet – either the Nano S or Nano X – contains a critical vulnerability that needs to be addressed. The website makes mention of a secure RNG chip vulnerability, that can only be resolved through a software-based check of the device. For novice users without much technical knowledge, that may appear to be a plausible explanation. In the real world, however, it is a blatant scam designed to make users lose their cryptocurrency balances.
A Fake Software Tool
On the website, there is also a download link to a tool that is allegedly designed to determine if one’s Ledger Nano is subject to this vulnerability. Known as the Ledger SE Cecker Tool – instead of Checker Tool – it is evident that this piece of software will only cause problems rather than solve them. It seems the criminals are using this toolkit to obtain remote access to a connected Ledger Wallet, albeit it is unclear how they will exploit the unit in question.
It is not overly difficult to spot this fake email either. Most of the recipients do not even own a Ledger hardware wallet, indicating a very old email list is being used for this type of attack. Secondly, the sender’s address is “[email protected]”, which is not affiliated with the legitimate company in any way, shape, or form. Simply ignoring this email is the only viable course of action. It is not impossible to think this campaign may spread to other cryptocurrency hardware wallet types in the future, depending on how successful this campaign proves to be.
Who is Behind it?
As is usually the case when campaigns like these are launched, it is difficult to determine who is behind these emails. Although the approach is somewhat clever, most people who understand how a hardware wallet works would never fall for these cheap tactics. That said, it only takes the theft of a few Bitcoin to net a decent payday, especially at the current prices.