Ledger and Trezor Wallet Users in New Crypto Theft Campaign

A new wave of crypto theft targets users of Ledger and Trezor hardware wallets

ContentsScammers use physical letters and QR codes to deceive usersPast violation compounds dangers to the usersPhishing websites steal recovery phrasesProtecting Against ScamsFraudsters have been writing official emails to users mimicking that the wallet companies are writing to them

These letters encourage users to provide their wallet recovery phrases, which can be used to steal their cryptocurrency.

Scammers use physical letters and QR codes to deceive users

The crypto criminals have been reported to take a new approach in sending real letters to the owners of Ledger and Trezor wallets

The letters will resemble governmental messages of the hardware wallet companies and will encourage the users to scan a QR code in order to complete the required checks

The letters purport non-compliance as a loss of wallet features.

The fraudsters are also instilling a sense of urgency among the recipients by informing them that they have to finish the checks within a stipulated deadline

After scanning a QR code, users will be taken to phishing sites that resemble the official sites of Ledger and Trezor

These websites are made to deceive the victims and steal their wallet recovery phrases.

Past violation compounds dangers to the users

Both Ledger and Trezor have experienced breaches in the past, which might be the reason that scammers are accessing user data

In the last month, Ledger had a data breach incident where the user data had been compromised

Though it is yet unknown as to how the criminals are specifically targeting people, with the timing of these scams and the previous security problems of the companies, this may turn out to be a major factor.

In one of the spammy letters, users of Trezor were also advised that by February 15, authentication checks will be mandatory

In the letter, a QR code was provided and was alleged to have directed to a page where users needed to scan it so as to avoid losing some functionalities on their devices

Equally, the users of Ledger were sent a letter with the same deadline and an equally pressing request to perform a mandatory check of the transactions.

Phishing websites steal recovery phrases

The fake websites, to which the users are transferred after scanning the QR codes, appear nearly the same as the official Ledger and Trezor websites

Such websites have been marked as phishing sites. Once on these pages, users are then encouraged to type in their wallet recovery phrases, which are stolen and used to access their money.

To illustrate, in Trezor deceptive site, there was a warning that the user needed to undergo the authentication process again to maintain the full functionality

But the warning was also a scam, which was aimed at urging users to fill in information that is sensitive

In other instances, users who had obeyed these instructions unwillingly gave their recovery phrases, which allowed the criminals to steal their wallets.

Protecting Against Scams

Both Ledger and Trezor have made serious warnings to the users, reminding them that they will never ask them to enter recovery phrases or authentication details by email, physical mail, or website

It is recommended that users should never enter any recovery phrases in any online place but directly on the hardware wallet itself

It is advised that wallet users should be more alert and not scan unfamiliar QR codes, and report suspicious actions to the appropriate authorities.

It is recommended that the hardware wallet users remain suspicious of any unsolicited letters or online requests

They can do more to secure their crypto assets by observing security rules and ensuring that they are not easily in the hands of criminals.