Blockchain Security Company SlowMist’s Founder Reveals Elaborate Scam Targeting Hardware Wallet Ledger Users

The founder of the blockchain security company SlowMist, Yu Xian, has disclosed a sophisticated scam targeting users of the Ledger hardware crypto wallet. The scheme uses counterfeit devices to lure users into revealing their wallet recovery phrases. Phishing attacks of this kind have existed since 2021.

On Monday, Yu Xian stated on the social media platform X that the scam group sends fake Ledger devices to users, falsely claiming that due to an earlier data leak, users must transfer their recovery phrases from the old Ledger (the real Ledger) to the new Ledger (the fake Ledger). Yu further pointed out:

Yu added that there are several variants of such scams targeting hardware wallets, such as pre-setting fixed recovery phrases in fake manuals to entice users into using these so-called “initialized activated” recovery phrases. He also mentioned that some attacks may even involve tampering with random number generators, so that the recovery phrases generated by the hardware wallet are based on weak entropy, making them more susceptible to brute-force attacks or collisions in the future.

Yu noted that although many people find such “physical” scam methods hard to believe, attacks using fake devices do have a certain probability of success. The effectiveness of these attacks may be attributed to hardware wallet manufacturers leaking user order information, as well as to scammers selling fake wallets through counterfeit marketplaces. So far, there have been no clear cases indicating that hardware wallets have been tampered with by intermediaries during the logistics process.
