Hardware e-wallets are one of the safest ways to store and manage cryptocurrencies. Among the most used devices are definitely Trezor and Ledger. It was Ledger's customers that fell victim to a large-scale data leak last year caused by a mistake on the side of the French manufacturer. In 2020, attackers managed to obtain more than 1 million email addresses of people who subscribed to the Ledger newsletter. In addition, more than 270,000 data related to hardware e-wallet orders were leaked, including clients' home addresses.

The problem with Ledger has been going on to this day, and only recently has a new and highly sophisticated scam appeared on the crypto scene, again based on leaked data. The scammers really cared this time and their new technique was quite difficult for the average user to detect.

How does this scam work? Many Ledger customers have reported that they received a new device in the mail without ordering it. At first glance, this is an authentic device in undamaged packaging and the shipment also contained a cover letter, which was even falsely signed by Pascal Gauthier (Ledger CEO). It was this cover letter and especially its contents that led the clients to believe that it could be a scam.

Join us right now >>> REGISTRATION

The letter states that Ledger is sending a new device and that if the client wants to stay protected, he must start using it. They write that there is also a new user manual in the box, in which the client will learn how to switch to using the new device. The fake manual contains instructions on how to use the device and, most importantly, asks the user to enter their private phrase to restore the Ledger account to attach their cryptocurrency wallet to the new hardware.

In addition, users found that the device itself was most likely mechanically manipulated. After disassembling it, they discovered a miniature flash drive that contained a fake Ledger Live application. By entering a private phrase into this application, you actually send it to attackers immediately. This would give them access to the recovery of your device and thus to all digital assets that you have stored on your electronic wallet.

Read also:
THE BIGGEST BITCOIN UPDATE IS ON THE WAY

Of course, Ledger itself is already aware of the scam, and they regularly try to alert their clients to the risks involved. They add that they never ask customers to share their 24-word phrase and never send anything by mail that you didn't directly order. Cryptocurrencies constantly teach us to be careful and to protect our personal information as much as possible. As you can see, scammers do not really stop at anything, but with a little common sense, it is almost always possible to detect their unfair intentions.