Ledger Data Leak: Avoid Losing Funds

A cryptocurrency nightmare happened in the last few months of 2020. A hacker or a group of hackers managed to breach Ledger's customer database, leaking the personal information of almost 300,000 of their customers.

Ledger customers are receiving phishing mails, phone calls and threats. This is a ten-step guide to best practices for avoiding the loss of your funds, not only from your Ledger hardware wallet but also from any account that uses the very same e-mail address or phone number, such as your Coinbase, Binance, blockchain.com or other exchange account.

Go to the site https://haveibeenpwned.com/ and simply enter your e-mail address. It will show whether your address (together with the Ledger data leak) has been breached. Hackers are using this site to look up your e-mail account and whether the password has been leaked in other breaches. They will later use that information to try to hack sites where you might have used this e-mail account.

Immediately change your password on every site you use that holds sensitive information, such as an exchange, the private mail account where you receive confirmation mails, or an e-mail account where you keep a backup of passwords, keys, wallets etc.

Even if you want to keep your old number, use the new phone for every 2FA site that was sending SMS messages or codes to the phone number used with your Ledger purchase. This is because hackers are known to have insiders at several phone companies. Now that they know you have a Ledger together with your phone number, they may be able to SIM-swap you. Usually that means a man-in-the-middle attack where they intercept your 2FA messages using a cloned SIM.

Some phone companies allow you to block your number from being transferred, or you can ask them never to issue a new SIM card without a personal visit. Now that your phone number is exposed to hackers, they will try to order a new SIM card or simply change ownership of your phone number. The block is there to stop someone from taking over your phone number, as they know you have purchased a device to store crypto.

Never ever click on any mail claiming to be from Ledger or asking you to verify your 12/24 seed words. Neither Ledger nor anyone else has any right or need to verify them. Even sender addresses can be forged so that a mail looks like it was sent from support@ledger.com. Such mails will most likely lead to your computer being infected with malware, a key logger or ransomware.
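To show why a familiar From address proves nothing, here is an added example (not part of the original article) that inspects a constructed message for the signs described above: a From domain that is not backed by a DMARC pass, mismatching Return-Path and Reply-To domains, and a request for seed words. It assumes the Authentication-Results header was added by your own receiving mail server; the sample message, its host names and the flag names are made up for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real phishing mail); all hosts are made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=ledger.com
From: Ledger Support <support@ledger.com>
Reply-To: verify@ledger-support.example
Subject: Action required: firmware upgrade
Content-Type: text/plain

Your device is at risk. Upgrade now and re-enter your 24 word recovery phrase to verify your wallet.
"""

# Wording that asks for the recovery seed, which no legitimate sender needs.
SEED_LURE = re.compile(
    r"(seed|recovery|secret)\s+(words?|phrase)|\b(12|24)[\s-]*words?\b", re.I)

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def phishing_flags(raw_message):
    """Return the reasons a message looks like a spoofed seed-phrase lure."""
    msg = message_from_string(raw_message)
    flags = []
    from_dom = domain_of(msg["From"])
    auth = (msg["Authentication-Results"] or "").lower()
    # The visible From address is free text; only a DMARC pass ties it to SPF/DKIM.
    if "dmarc=pass" not in auth:
        flags.append("from-not-authenticated")
    # Mismatches are signals, not verdicts: bulk mailers also use other bounce domains.
    for header in ("Return-Path", "Reply-To"):
        dom = domain_of(msg[header])
        if dom and dom != from_dom:
            flags.append(f"{header.lower()}-domain-mismatch")
    if SEED_LURE.search(f"{msg['Subject']} {msg.get_payload()}"):
        flags.append("asks-for-seed-words")
    return flags

if __name__ == "__main__":
    for reason in phishing_flags(SAMPLE):
        print(reason)
```
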

Don’t click on any external link telling you to upgrade your device. It’s a well-known trick to ask you to upgrade your firmware and then re-enter your seed words. You never need to enter your seed to move funds from your Ledger hardware wallet, only your PIN and/or passphrase (25th word).

Once your device is set up, you don’t need to enter the seed again. Never enter your seed on a webpage or store it locally on your computer. A live key logger or phishing malware might take screen grabs of your screen once in a while to see if there are any seed words on your desktop.

Several people have received phone calls with threats. If you don’t recognize a phone number, then simply don’t answer the phone. It could be that unpleasant threat call you don’t want to have. It’s also possible to block your phone from receiving any calls from numbers not in your contact list.

It’s possible to store several accounts on your Ledger using different passphrases (25th word). Create a second wallet holding a small amount to fool a thief into believing that this portion is all of your crypto wealth. You could also move 100 USD or less to the first account without a passphrase, so that it shows up without asking for a passphrase.

Thieves know your address and might break into your home, knowing where you live. If that Ledger is hidden somewhere, it could be a good idea to move most of the funds out (keep as little as 10–100 USD) so that the thief might think he has won the lottery.

Every website account connected to the e-mail address leaked in the Ledger database is vulnerable. That means sites like Binance, Coinbase, blockchain.com or Kraken. Those sites use confirmation mails and 2FA codes sent to your phone number. Change both the e-mail address used with your exchange and the phone number used for the 2FA SMS confirmation.

LESSONS LEARNED

Don’t collect what you can’t protect.

If you ever purchase a hardware device, try to enter as little information as possible. Use a temporary mail address and a temporary phone number (it might cost as little as 5 USD, but it saves you stress), and use a drop box or mail box to receive the device. Don’t give away sensitive data to a third party that will store it for 10 years.

Disclaimer! This article was written by Robert Rhodin, the CEO of Wallet Recovery Service KEYCHAINX LLC, based in California USA. To read more about our company visit https://keychainx.io or send us an email to keychainx@protonmail.com if you need to talk about password recovery.
