Heimdal

A Ledger user shared a devious scam in a Reddit post after receiving an apparent Ledger Nano X device in the mail.

As advertised on the French manufacturer’s website, the Nano X wallets keep cryptocurrency secure and support over 1,100 coin types. Unlike the Nano S, which was created for people who want to hold onto a small amount of crypto, Nano X is the best choice for active investors with diverse crypto holdings.

The suspicious device came in authentic-looking packaging, with a letter explaining that the recipient's customer information had been leaked online on the RaidForums hacking platform and that the Nano X was sent to replace their existing one to secure their funds.

Images Source: Reddit

Although the letter was poorly written, the physical addresses of over 270,000 Ledger owners were indeed leaked back in December 2020, which makes the explanation for sending a new device convincing.

The user who took the phishing attempt to Reddit opened the package and shared photos of the Ledger's printed circuit board, which indicate that the device was altered.

The victim is asked to initialize the device sent with the letter and to follow the user guide in the box.

According to the enclosed instructions, the user must connect the Ledger to the computer, open the drive that appears, and run the enclosed app. Afterward, the user is told to enter the Ledger recovery phrase to import the wallet to the new device.

Ledger describes a recovery phrase as the “key element in using a hardware wallet which must be kept secure and offline at all times.”

If for any reason your Ledger Nano X or Ledger Nano S becomes unusable (theft or destruction), you haven’t lost your precious cryptocurrencies. Your 24 words serve as a backup to all the crypto assets managed through your device.

Source

However, anyone who has your recovery phrase can import a wallet and gain access to the cryptocurrency it contains.

According to BleepingComputer, after the user enters the recovery phrase, it is sent to the attackers, who use it to import the victim’s wallet on their own devices to steal the contained cryptocurrency funds.

Ledger became aware of this scam in May. Make sure you check their dedicated phishing page to stay updated on this malicious campaign’s status.

Since this is not the first time phishing attempts have targeted Ledger customers, the company advises that if you think you have received a fake communication from a third party impersonating Ledger, you report it as soon as possible.

Author Profile

Cezarina Dinu

Head of Marketing Communications & PR

Cezarina is the Head of Marketing Communications and PR within Heimdal® and a cybersecurity enthusiast who loves bringing her background in content marketing, UX, and data analysis together into one job. She has a fondness for all things SEO and is always open to receiving suggestions, comments, or questions.
