- A Ledger Discord moderator’s account was hacked, leading to phishing links targeting users.
- The attacker used a bot to steal recovery phrases, potentially accessing users’ crypto wallets.
- Ledger swiftly secured the server and added extra security measures to prevent future breaches.
A security breach at Ledger, a hardware wallet company, sent ripples across its community. The hacker took control of a moderator account on the company’s Discord server and posted phishing links via a malicious bot. Through the links, the hacker urged users to visit a fake website and tricked them into submitting their recovery phrases. The breach quickly raised an alarm among users.
Further, the hacker’s actions created panic as several users reported being muted or banned when they tried to warn others about the scam. Despite these obstacles, the Ledger’s security team acted swiftly and strengthened the security. Quintin Boatwright, a team member at Ledger, assured the community that the breach was contained. He further stated that the compromised account was removed, the bot was deleted, and the fake website was reported. In addition, the company reviewed all permissions and secured its Discord server to prevent further damage.
Source: CryptoSavingExpert
This incident marks the second time in recent months that Ledger users have been targeted by scammers. Last month, fake letters were sent to hardware wallet owners. Although the letters were a scam, they had used the official logo and address of Ledger to appear as legitimate.
The ‘letters’ asked recipients to verify their recovery phrases by scanning a QR code. Notably, the scam was thought to be linked to a 2020 breach of the Ledger database, which exposed the personal information of over 270,000 customers.
While the full extent of the damage from the Discord hack is still unclear, Ledger has taken immediate steps to strengthen its security. Boatwright stressed the importance of never entering a recovery phrase or connecting a wallet through links shared on Discord. He reminded users to remain cautious and double-check any communication that asks for sensitive information.
Related: Common Crypto Scams You Need to Know
Ledger, after the incident, has informed its users that the platform is once again secure. Swift response and enhanced security measures accomplished by the organization are part of the larger combined effort to deter such attacks in the future. Such a breach is a clear picture of how phishing and scams continue to haunt online platform users. Ledger’s commitment to safeguarding its community remains firm. However, users are urged to stay vigilant and report any suspicious activity to ensure the protection of their assets.
