A recent report indicates that Ledger, a cryptocurrency wallet hardware manufacturer, has been the victim of a security incident resulting from a phishing attack. Experts believe this incident could be related to a data breach that occurred a few months ago.
Phishing mail would have been sent to some Ledger users, who received details about an alleged data breach that occurred on October 24 that would have put their virtual assets at risk. The malicious email contained a link redirecting victims to a fake Ledger firmware update site.
If they fell into the trap, users were redirected to a website with domain extension “.io”, instead of the extension “.com” on the legitimate website of the company. Experts report that this site hosted a malware variant capable of giving threat actors access to sensitive information on the user’s device, which would allow them to extract their cryptocurrencies completely.
It’s not all bad news, as the company managed to detect malicious activity on time and send all its users a security alert to inform them about the phishing attempt. The website used by criminals has already been disabled.
Cybersecurity specialists mention that this is a reminder about how companies manage centralized configurations for unencrypted data storage. More details about this attack may continue to appear, as scammers can reuse customer data including their names, email addresses and phone numbers in the near future.
This is also a valuable lesson for users of these devices for the storage of Bitcoin and other cryptocurrencies, as they need to consider that these devices will not be fully protected from cyber threats as long as the users themselves do not have knowledge in personal cybersecurity.