In July an unpleasant incident occurred with Ledger, one of the most popular manufacturers of hardware crypto wallets. The company’s databases were hacked and, as a result, information from many customers fell into bad hands. A little later, it became known that Ledger management refused to pay compensation to those whose data had been merged. Alas, there are already consequences of the leak of personal data.
A few months ago, we warned that such an event was unlikely to go away without a trace for many. More recently, our fears have been confirmed – many of our customers have started complaining about increased phishing attacks. Moreover, some of them were indeed victims of hackers – they managed to steal a total of 1.15 million XRP.
It should be noted that in most cases such situations end badly for the owners of cryptographic software. If the scammers know how to work with all kinds of mixers that cover the cryptovoltaic traces, they are likely to fail.
A phishing attack is an attempt to force a user to give their important information to hackers in the form of logins, passwords or private keys, which will then be used by attackers to withdraw their funds. In this case, Ledger users were sent e-mails with a link to the company’s fake website.
The address of the fairy page had dotted letters, i.e. it was very similar to the original address of the real Ledger website. After following the link, the user was strongly advised to download malware under the guise of a security update for Ledger wallets. Using the virus, the attackers managed to steal 1.1 million XRP, reports Cointelegraph. At today’s rate it is about 288 thousand dollars.
The coins received were sent to the Bittrex exchange. Unfortunately, the platform was unable to take appropriate measures in time and block funds from hacker accounts. In other words, it was not possible to stop the criminals.
In a similar attack, victims were sent a phishing email allegedly from an official Team Crypto Bull account. In it, the phishers approached Ledger users, offering XRP distribution to „white list addresses“ as part of a „community support programme“. The process of registering for the „programme“ includes the transfer of a side-phrase from a Ledger wallet. With this combination in hand, hackers can easily withdraw all user funds.
That is, in this case, users were attracted by the opportunity to receive tokens in honour of an event. It should be noted that in such cases, greed usually outweighs rationality, which is why the owners of the cryptographic coins part with them – and usually forever.
This is interesting: the manufacturer of crypt currency hardware wallets Ledger has passed a security audit. What does it give you?
It should be noted that the phishing attack tactics have been used against cryptovalue users for a long time. In some cases hackers manage to steal simply unthinkable amounts. Let us remind you that a couple of months ago, a cryptoentusist under the nickname 1400BitcoinStolen told us about how he had his 1400 BTC stolen through a malicious version of his Electrum wallet. Today, the equivalent of $21.68 million can be obtained for this amount.
And although such schemes are really popular and successful, it is quite easy to fight them. All you have to remember is that real company representatives will not contact you by mail to ask for a software update. Even if there is a bug, it will be written about it in official Twitter-type communication channels. So if someone shares a link in the letter, the latter simply needs to be removed and not clicked on the content.
The same is true for secret phrases along with private keys. This information is for cryptographic owners only, so disclosure will essentially put an end to savings. We believe that, over time, the literacy of coin holders will increase, which will cause the income of fraudsters to fall. However, because of the constant influx of newcomers to the industry, it is unlikely that hackers will ever be left without money. That’s why it’s only left to warn friends and family.
Don’t be a victim – when working with cryptocurrencies, never click on suspicious links or download suspicious files. Remember, your passwords and private keys are the only proof of ownership of digital assets. Look for even more interesting things in our millionaire crypto.