Ledger Wallet User Falls Victim to Phishing, Loses 10 BTC šļøšÆšŖ
(My friends, Please learn from this, and download and install the 'Walletguard" app. This app would have saved these guys literally millions, and the ap is FREE. ~The Dinarian)
Ledger attributed the loss to a phishing attack from 2022, stating that the incident stemmed from user error rather than a breach in its hardware.
Key Notes:
ā Anchor Drops, a Ledger wallet user, reported losing 10 BTC and $1.5 million in NFTs despite following standard security practices.
ā Ledger attributed the loss to a phishing attack from 2022, dismissing allegations of hardware flaws.
ā Blockchain experts confirmed that a malicious transaction signed years ago gave attacker access to the wallet.
In the cryptocurrency industry, scammers are constantly devising sophisticated methods to exploit vulnerabilities, targeting unsuspecting users to steal their funds.
A recent incident underscores this ongoing threat, as a hardware wallet user known as āAnchor Dropsā reported the loss of 10 Bitcoin and approximately $1.5 million worth of non-fungible tokens (NFTs) stored on their Ledger Nano S wallet.
On December 13, 2024, āAnchor Dropsā took to X (formerly Twitter) to share their distress, stating that despite purchasing the Ledger device directly from the manufacturer and securely storing the seed phrase offline, their assets were compromised.
They emphasized that the wallet had not been connected online for two months and claimed to have no recollection of signing any malicious transactions. Seeking answers, āAnchor Dropsā directly questioned Ledger about the breach and demanded an explanation.
ā Ledger Points to a Phishing Attack
In response to the allegations, Ledger pointed to a phishing attack that allegedly occurred on February 22, 2022. The so-called phishing attack was initially pulled out by an X user who claimed āAnchor Dropsā signed a phishing transaction many months ago and is now blaming Ledger for their mistakes.
Blockchain experts, including those from Cyvers, also linked the loss to a malicious transaction that āAnchor Dropsā unknowingly signed at that time.
Hakan Unal, a senior scientist at Cyvers told Cointelegraph that the phishing transaction granted a malicious actor long-term access to the wallet, enabling them to wait for an opportune moment to drain its contents.
āBlockchain evidence shows they signed a phishing transaction nearly three years ago, unknowingly granting approval to a malicious actor,ā Unal said.
ā Rising Crypto Scams Undermine Industry Trust
Ledger maintained that the attack was unrelated to its hardware or systems and urged users to exercise caution when signing on-chain transactions. The company highlighted the importance of reviewing token approvals regularly to minimize risks.
Despite Ledgerās response, questions remain about how the attack extended to Bitcoin holdings, which operate on a separate blockchain from Ethereum-based NFTs.
Meanwhile, the incident involving āAnchor Dropsā is a stark reminder of the growing presence of cybercriminals in the crypto industry. Phishing scams and exploits have become increasingly sophisticated, with attackers leveraging social engineering tactics to deceive users.
In 2024 alone, over $2.1 billion was lost to hacks, scams, and exploits, according to blockchain security reports. One significant case involved a phishing scam that stole $243 million by tricking users into providing sensitive wallet information.
In another instance, a DeFi protocol lost $50 million after hackers exploited a smart contract vulnerability. These incidents highlight the persistent risks faced by crypto users and the critical need for heightened security awareness.
https://www.coinspeaker.com/ledger-wallet-user-falls-victim-to-phishing-loses-10-btc/
Source:
