TronWeekly

Crypto World News

You are here: Home / Archives for Ledger

Ledger

Ledger User Claims Receiving Death Threat, Ransom Attempts

by

Just days after the personal information of Ledger customers was dumped on a hacker site called ‘Raidforum’, victims were being targeted by e-mail and SMS phishing campaigns. But the certain malicious entities have gone a bit too far as reports now suggest not just a spate of hacking and phishing attempts but even more distressing incidents especially for the ones who had their home addresses revealed.

In an alarming situation for the breach victims, details of kidnapping and murdering threats given by the attackers to victims have emerged. In the latest reddit thread, a Ledger user, whose personal details were compromised, claimed to have recoeved a phone call threatening kidnapping and murder. The attacker allegedly demanded 10 XMR by midnight and also threatened the victim of physical violence if the ransom is not paid.

“He demanded 10 XMR and said if it’s not sent by midnight, he will show up at my house, kidnap me, and “stab to death” any relatives living at my address. I was able to record this phone call as I put him on speaker phone.”

While the Ledger customer did take the help of the local police, this breach has caused severe distress among the community members whose personal information were dumped on the site. Several users have reported phishing emails. Another user under the pseudonym ‘JimboChewdip’ reported a sim swapping incident which cost him $2k. The attacker was able to access the victim’s phone, thereby changing passwords on several platforms.

 

Ledger CEO Pascal Gauthier had recently apologized for the event and clarified that the data breach has no link nor impact on its hardware wallets, the app or customer funds and concerns only e-commerce related information.

The exec further noted that the goal of the platform was to provide its customers with the best protection and security for their digital assets. However, he went on to confirm that the firm would not be providing any compensation for victims who had their home addresses revealed

That’s precisely Ledger’s mission: we continuously invest to improve security standards. That’s also why we won’t be refunding customers like some have suggested – instead, the best and most sincere thing we can offer is our dedication to being better and making these investments to continuously upgrade the security of the products we make available for you.

Is The Ledger Leak Forgivable?

by

It has been a bad year for Ledger, even worse for its users. In the latest development, the hacker of Ledger’s data breach on its e-commerce and marketing database has reportedly dumped the stolen contents of the hardware wallet provider customer database on the hacker site called ‘Raidforums.

According to Alon Gol the network security firm Hudson Rock’s Co-founder, the leaked database contains user information such as email IDs, physical addresses, phone numbers, and more information. Over a million customer emails stolen from the hardware wallet manufacturer were made publicly available on a hacker site today.

Ledger confirmed that payment information, credentials [passwords], or crypto funds were not impacted and the data breach has no link nor impact on the platform’s hardware wallets and the Ledger Live application.

While this security seems like just another addition to the long list of cybercrimes, not everyone is of the opinion that Ledger can be forgiven. The pseudonymous crypto researcher, Hasu, for one posted criticized Ledger in the following tweet:

“You simply can’t sell hardware wallets and store the personal information of your customers on an online server. Cut off business with them, only way companies in this space are gonna learn to take our physical security seriously.”

How Can The Ledger Leak Victims Protect Themselves?

While the information leaked in this breach would not directly compromise a users’ Ledger device and crypto funds, it could however be used [or already being used] in social engineering attacks. This was noted by a well-known cryptographer, Nik Bougalis, who went on to state that the attackers are likely to use the information to target users’ and hence they might very well get emails, phone calls, snail mail, and even packages.

According to the Bougalis, most of these will be “ham-fisted” attempts, which will stand out, while others will be tailored and carefully designed to dupe the victims. He also urged the users’ to approach every email critically.

Furthermore, the software engineer also warned,

“If the phone number you used for your order is used as a 2nd factor anywhere, change it immediately. If possible, avoid using SMS/phone as a 2nd factor altogether. Get a YubiKey or something similar and set up something like Google Authenticator.”

In a series of tweets, Bougalis also asked the victims to use a password manager for everything and enable 2FA wherever they can.

 A Quick Synopsis of The Security Breach

This hack seems to originate back in April 2020 to the 28th of June, 2020, when an attacker got access to a portion of Ledger’s e-commerce and marketing database through a third party’s API key that was misconfigured on its website. This apparently enabled unauthorized access to Ledger’s customers’ contact details and order data. The platform claimed to have fixed the data breach within the same day it was detected and the API key was deactivated.

According to the Twitter Handle, ‘Have I Been Pwned’, which was created by Microsoft Regional Director Troy Hunt, revealed that since the time of the original hack, 69% of the addresses in the dumped database as having been compromised.

Ledger Database Hackers Attempts Phishing Attack Mentioning Trezor

by

With the popularity of the digital asset space, the number of copycats, scammers, and website spoofers have only gained traction and were emerging out almost every day. The community, once again, woke up to a fresh phishing attempt. This time, the fraudulent entities masqueraded as the team behind the hardware wallet, Trezor, and sent a text message to several individuals urging them to update their wallet stating that their wallet has been disabled further adding a phishing link.

The message, in question, uses a misspelled with a zero instead of an O and looks something like this:

“Your TREZ0R Wallet has been deactivated. You are required to pass verification due to the new KYC regulations: <phishing link removed>”

Popular Bitcoin proponent Andreas Antonopoulos provided more clarity and revealed that the new phishing attack appeared to originate from the same database that was stolen from Ledger. He went on to add,

“The same [fake] name and the number appear for me. It seems to be unrelated to Trezor, other than the attackers using that name in their new phishing campaign.”

While neither Ledger nor Trezor has yet commented about the whole affair, it is, however, important to note that the sales database breach has nothing to do with the security of the hardware wallets, something that was also stressed by Antonopoulos while responding to a query on his original Twitter post.

With the growing popularity of this space, the number of phishing cases has grown tremendously. Day in and day out, attackers are leveraging spoof websites and hijacking URLs, putting up a sting site, or a fake URL to steal users’ cryptocurrencies.

The latest news just days after Trezor tweeted out a warning to all its Android users owning Trezor devices about an Android app that was pretending to be the official app. It confirmed that the app was a scam and has no relation to SatoshiLabs and Trezor. The team behind the hardware wallet also revealed reporting it to the Google team. Soon after which the malicious app was removed from the PlayStore.

LinkedIn Cryptocurrency Fraudsters Mimic TRON’s Justin Sun and Ledger CEO

by

Fraudsters have always devised new tactics, such as pre-filmed videos of famous figures in the industry, to defraud people of their hard-earned crypto. LinkedIn cryptocurrency fraudsters have come up with a strategy to manipulate pre-recorded videos to impersonate prominent people even in live video calls.

The LinkedIn cryptocurrency fraudsters are imitating the founder of Tron, Justin Sun, to defraud unsuspecting victims of their crypto. The defrauders target digital currency schemes under the disguise of collaborating with Tron. The scammers then go on to invite their targets to a Skype live video call with ‘TRON CEO Justin Sun.’

Pre-recorded Justin Sun video used by LinkedIn Cryptocurrency Fraudsters

Moreover, the tricksters use the pre-recorded video to pause the video once the victims start talking and playing when they’re done, using their voice in the call. In addition, the scammers have a fake Justin Sun passport, which they use as proof of identity when carrying out their evil schemes.

 

Among the targets of the LinkedIn cryptocurrency fraudsters is Kyle Pierce, the co-founder, and lead-creator of blockchain-based uPlexa startup. Kyle Pierce published a Medium post explaining that he was approached on LinkedIn by an individual claiming he works for a firm by the name Ledger Capital.

The fraudster requested his email address claiming that Ledger Capital is working out a secret project with Tron, and they would like him to be part of the project. He noticed something was off but decided to play along. After a long time of rescheduling, the two finally agreed on a date for a live video call.

The Skype live video call

During the call, Pierce noticed that there was something wrong with the video. He noticed that the video was a pre-recording, with a background voice on top of it. Pierce claimed that the person talking in the background would even continue to speak after Justin Sun’s pre-recording had stopped talking.

Although the goal of the fraudsters is still unknown, it’s crystal clear that they are willing to go to large extents to achieve them; and defraud any off guard victim.

Ledger Rolls Out Tron Staking Feature for its Users With Huge Rewards Waiting to be Earned

by

Ledger has been involved in several updates and developments in the digital asset area with a clear emphasis on providing the best customer experience. This attitude led Ledger to initiate collaborations with many cryptocurrency companies and their corresponding assets.

The latest feature to roll out of the Ledger roster was ‘Tron staking’, a process where holders can earn capital while holding on to their TRX tokens. In general, staking is the process of holding funds in a wallet that will, in turn, support the operation of that particular blockchain network. 

With the latest update to Ledger Live, Ledger users will be able to earn rewards while holding on to their TRX tokens directly within the Ledger Live Apps (Mobile & Desktop) without having to use any third parties Wallet. Ledger claims that their mission is to provide an ecosystem where users will be able to enjoy all the possibilities of the Blockchain technology while providing top-notch security for individuals. This also aligns with Ledger’s framework of making the world of crypto more secure while at the same time creating value for all its users. 

Ledger has reiterated multiple times in the past that user experience is key, a mantra carried over to the Ledger Live Applications available on both mobile and desktop.

Tron Weekly asked Benjamin A, the Product Manager at Ledger Live to give his two cents on the latest addition. He said:

The support of more coins in Ledger Live, especially POS coins, is one of our main goals for 2020. Tron has been one of the most downloaded apps of the Manager for a very long time, and has been in the top 20 of the crypto market cap for quite some time now. It was a logical move for us to provide a great user experience to this community, both on desktop and mobile.”

Ledger photo compressor

The company knows that simplicity in staking is an important factor in drawing customers to its platform. This has resulted in the creation of a simple 3 step process by which users can earn Tron tokens as part of the staking program. 

Step 1: Freezing TRX into Tron Power

The relation is simple: the more tokens a user freezes into Tron Power, the more votes he/she receives. In layman’s terms, “freezing TRX” is just like moving fiat currency from a dynamic current account to a more stable savings bank account. Each frozen TRX token is calculated to be 1 Tron Power. 

Step 2: Using Tron Power to vote

One of Tron’s biggest assets is its Super Representatives [SR], a group of users who act as the guardian of the Tron blockchain. Ledger has tapped into this feature by allowing users to vote and choose SR candidates using Tron Power. Just like a frozen TRX token, here too 1 TP counts for 1 vote for a single SR. A user can divide the votes for up to up to 5 SRs and the SR with the maximum votes after a cycle is elected. 

Step 3: Earn your rewards

The rewards that each user gets depends on the elected SR and the reward date that they set. Voters are then given the opportunity to claim their rewards during every 24-hour cycle. To make the process more streamlined, Ledger users can also choose to receive their rewards directly to their account.  

According to the Tron Voter Rewards Calculator – a powerful tool to help users estimate their Tron voter rewards accurately – the current annual yield on Tron is approximately 7 percent excluding the SR fees.

Ledger claimed that there are several benefits to staking Tron within the Ledger Live apps. One of the biggest advantages is the lack of risk of funds being lost or stolen. Users will also be able to enjoy high transaction rates on the Tron blockchain with parameters in place to enable scaling. Last but certainly not the least, individual users will receive bandwidth from the blockchain that can compensate for the fees of almost 20 transactions.  

 

Google Neutralizes Threat to Crypto Wallets as 49 Chrome Extension with Malicious Code is Removed

by

Anything related to the cryptocurrency industry seems to be the target of illicit hackers at the moment.

After the recent attack on the DeFi protocol dForce, which led to a loss of 25 million in crypto, now Google was taking matters in its hands to remove to protect the integrity of crypto wallet users.

According to reports, Google has removed a total of 49 extensions for the Web Store which apparently mimicking certain digital asset wallets.

Harry Denley, Director of Security at the MyCrypto platform was the first to identify these 49 extensions that contained malicious code and stole crypto-wallet private keys, mnemonic phrases, and other confidential user information.

Denley stated that the 49 extensions could be of Russian origin, put forward by one person or collective group. He stated,

“Whilst the extensions are all function the same, the branding is different depending on the user they are targeting.”

All the identified extension operated with similar functionality to the actual wallets but any users entering during the configuration step is directly sent to the attacker’s server of an anonymous Google Form.

According to the Researcher, the crypto wallet apps that were mimicked by these extensions included the likes of Ledger, Trezor, Jaxx, Electrum, MyEthereWallet, MetaMask, Exodus and KeepKey.

The report further mentioned that Denley is now persuading the users to file a complaint on the CryptoScamDB if any of their chrome extensions leads to future wallet hack or lost funds.

Crypto Chrome Scam emulating Ledger

The current incident isn’t the first detection of a fraudulent extension. Two weeks ago, an illicit Ledger Chrome extension was reported to have stolen close to $2.5 million in digital assets.

The fake browser went out as the extended support for popular hardware wallet manufacturer of Ledger, and users were asked to put down their 24-word seed, which facilitated as a gateway between hackers and the respective user’s wallet contents.

The application managed to take siphon out around $2.5 million out of user’s wallets without detection but a Reddit user went public and suggested that they had lost close to $2,500 in XRP due to the malicious application. The user stated,

“I have watched our xrp transfer from our account to an account that is currently holding over $2.5 million in xrp. This is clearly a large operation.”

A group of Researchers at XRPlorer Forensics had also indicated that a mirror version of Ledger has stolen 200,000 XRP in March.