Ledger’s hardware wallets are a very popular way to securely store cryptocurrency. So popular, in fact, that cybercriminals have cooked up an elaborate scam that targets Ledger users by mailing them bogus replacement wallets.
Reports have started flowing in on a subreddit dedicated to the Ledger wallet. Yesterday, Bleeping Computer reported on a post that had been submitted by a user who only signed up to Reddit to find out whether a device he received in the mail was a scam.
The answer turned out to be an unequivocal “yes.”
The package was convincing enough. It arrived in a shipping envelope emblazoned with the Ledger logo. Inside was a letter explaining why this unexpected “replacement” device had been shipped, written and purportedly signed by Ledger CEO Pascal Gauthier.
There were even convincing-looking quick-start instructions. As for the Ledger hardware wallet itself, at first glance it looked very much like the genuine article.
Prying open the device’s plastic exterior revealed that it was anything but. The printed circuit board (PCB) of the scam device looked nothing like a legitimate Ledger hardware wallet.
A cybersecurity expert who spoke with Bleeping Computer said that the device actually disguised a USB memory stick. It was almost certainly malicious and packing malware that was purpose-built for cryptocurrency theft.
This may be a new approach to targeting victims who were exposed in the Ledger incident. Other physical attacks have involved shady sellers pre-initializing Ledger wallets and then passing them on to unwitting buyers as brand new, leaving the sellers in control of any cryptocurrency that gets stored on them.
Ledger is all too aware of these scams and has a lengthy article posted on its own website alerting its customers to the risk. This particular user wasn’t ever in any real danger. He hadn’t ever stored any cryptocurrency on the original Ledger wallet after receiving it as a gift from a friend.
To those who are bullish on cryptocurrencies and have chosen one of Ledger’s hardware wallets as a way to safeguard their holdings, however, the risk could be considerable.