Following the Ledger data breach of July 2020, victims are receiving convincing but fake hardware wallets. Scammers appear to be targeting victims of a hack of customer data stored by bitcoin hardware wallet provider Ledger that occurred about a year ago.
The theft exposed the personal information of over 1 million people, including names, phone numbers, and email addresses. More than 200,000 people’s residential addresses were also compromised.
The new scam attempt is said to be sophisticated as some of the victims appear to be receiving counterfeit hardware wallets through the mail. Victims received a package including a letter purporting to be from Ledger CEO Pascal Gauthier, but it was badly written and contained numerous grammatical and typographical issues.
“As you know, Ledger was targeted by a cyberattack that led to a data breach in July 2020,” read the fake letter. “For this reason for security purposes, we have sent you a new device you must switch to a new device to stay safe. There is a manual inside your new box you can read that to learn how to set up your new device. For this reason, we have changed our device structure. We now guarantee that this kinda breach will never happen again.”
In the package was a Ledger Nano X box that seemingly contained a legitimate device. Upon first glance, the wallet seems authentic and also contains quick-start instructions. However, once the plastic exterior is pried open, it is evident that it is a scam device as the printed circuit board (PCB) is nothing like the actual wallet.