Ledger scammers are sending letters to steal seed phrases

Scammers are mailing physical letters to the owners of Ledger crypto hardware wallets asking them to validate their private seed phrases in a bid to access the wallets to clean them out.

In an April 29 X post, tech commentator Jacob Canfieldsharedascam lettersent to his home via post that appeared to be from Ledger claiming he needed to immediately perform a “critical security update” on his device.

The letter, which uses Ledger’s logo, business address, and a reference number to feign legitimacy, asks to scan a QR code and enter the wallet’s privaterecovery phraseunder the guise of validating the device.

The letter threatens that “failure to complete this mandatory validation process may result in restricted access to your wallet and funds.”

A seed phrase, or recovery phrase, is a string of up to 24 words that unlocks access to a crypto wallet. A scammer with the phrase can access and control the associated wallet to transfer its holdings elsewhere.

Earlier this month, the X account of a crypto hardware wallet resellersaidit had also received multiple reports of Ledger users receiving a similar letter.

In response to Canfield’s post, Ledgersaidthe letter is a scam and cautioned its device users to stay vigilant againstphishing attempts.

Related:Ledger wallet user reports 10 BTC loss — Community blames phishing

“Ledger will never call, DM [direct message], or ask for your 24-word recovery phrase. If someone does, it’s a scam,” it added.

Unclear whether connected to the Ledger’s data leak

Canfield suggested that scammers were sending letters to Ledger customers whose data was leaked nearly five years ago.

In July 2020, a hackerbreached Ledger’s databaseand dumped the personal information of more than 270,000 of its customers online, which included names, phone numbers and home addresses

The following year, several Ledger users claimed to have been mailedfake Ledger devicesthat were tampered with and designed to install malware upon use, Bleeping Computerreportedat the time.

Magazine:Your AI ‘digital twin’ can take meetings and comfort your loved ones

Explore more articles like this

Subscribe to the Finance Redefined newsletter

A weekly toolkit that breaks down the latest DeFi developments, offers sharp analysis, and uncovers new financial opportunities to help you make smart decisions with confidence. Delivered every Friday

By subscribing, you agree to ourTerms of Services and Privacy Policy