fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Scammers Mail Fake Ledger Devices to Steal Your Cryptocurrency

Scammers Mail Fake Ledger Devices to Steal Your Cryptocurrency

Scammers are sending fake replacement devices to Ledger customers exposed in a recent data breach that are used to steal cryptocurrency wallets.

Ledger has been a popular target by scammers lately with rising cryptocurrency prices and the popularity of hardware wallets to secure cryptofunds.

In a post on Reddit, a Ledger user shared a devious scam after receiving what looks like a Ledger Nano X device in the mail.

As you can see from the pictures below, the device came in an authentic looking packaging, with a poorly written letter explaining that the device was sent to replace their existing one as their customer information was leaked online on the RaidForum hacking forum.

“For this reason for security purposes, we have sent you a new device you must switch to a new device to stay safe. There is a manual inside your new box you can read that to learn how to set up your new device,” read the fake letter from Ledger.

“For this reason, we have changed our device structure. We now guarantee that this kinda breach will never happen again.”

Even though the letter was filled with grammatical and spelling errors, the data for 272,853 people who purchased a Ledger device was actually published on the RaidForums hacking forum in December 2020. This made for a slightly convincing explanation for the sending of the new device.

Packaging and letter for the fake Ledger device
Source: Reddit

Also enclosed in the package was a shrinkwrapped Ledger Nano X box that contained what appeared to be a legitimate device.

Also Read: The 3 Main Benefits of PDPA For Your Business

Enclosed shrinkwrapped Ledger device
Source: Reddit

After becoming suspicious of the device, they opened it and shared pictures of the Ledger’s printed circuit board on Reddit that clearly show the device was modified.

Front of fake Ledger hardware wallet
Source: Reddit
Front of real Ledger hardware wallet
Source: Ledger

Based on the photos, security researcher and offensive USB cable/implant expert Mike Grover, aka _MG_, told BleepingComputer that the threat actors added a flash drive and wired it to the USB connector.

“This seems to be a simply flash drive strapped on to the Ledger with the purpose to be for some sort of malware delivery,” Grover told BleepingComputer in a chat about the photos.

“All of the components are on the other side, so I can’t confirm if it is JUST a storage device, but…. judging by the very novice soldering work, it’s probably just an off the shelf mini flash drive removed from its casing.”

In the image below, Grover highlighted the flash drive implant connected to the wires while stating. “Those 4 wires piggyback the same connections for the USB port of the Ledger.”

Also Read: The 5 Benefits of Outsourcing Data Protection Officer Service

Back of fake Ledger hardware wallet
Source: Reddit
Back of real Ledger hardware wallet
Source: Ledger

The enclosed instructions tell the person to connect the Ledger to their computer, open a drive that appears, and run the enclosed application.

The instructions then tell the person to enter their Ledger recovery phrase to import their wallet to the new device.​

Fake Ledger instructions explaining how to transfer wallet to new device
Source: Reddit

A recovery phrase is a human-readable seed used to generate the private key for a specific wallet. Anyone who has this recovery phrase can import a wallet and access the cryptocurrency it contains.

After entering the recovery phrase, it is sent to the attackers, who use it to import the victim’s wallet on their own devices to steal the contained cryptocurrency funds.

Ledger is aware of this scam and has posted warnings about it in May on their dedicated phishing page.

As always, Ledger recovery phrases should never be shared with anyone and should only be entered directly on the Ledger device you are trying to recover. If the device does not provide the ability to enter the phrase directly, you should only use the Ledger Live application downloaded directly from Ledger.com.

In 2018, security researchers illustrated various methods that could be used to compromise hardware cryptocurrency wallets, including the Trezor One, Ledger Nano S, and Ledger Blue devices.

Ledger customers bombarded with scams

Ledger suffered a data breach in June 2020 after an unauthorized person accessed their e-commerce and marketing databasse.

This database was “used to send order confirmations and promotional emails – consisting mostly of email addresses, but with a subset including also contact and order details such as first and last name, postal address, email address and phone number.”

Soon after, Ledger owners began receiving numerous phishing emails pointing them to fake Ledger applications designed to trick them into entering their wallet’s recovery phrases.

These scams increased in frequency after the contact information for 270K Ledger owners was posted on the RaidForums hacker forum in December 2020.

This has led to phishing scams pretending to be further Ledger data breach notifications, SMS phishing texts, and software upgrades on sites impersonating Ledger.com.

All Ledger customers are advised to be suspicious of any unsolicited email, package, or text claiming to be related to their hardware devices.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us