I was one of the clients that was part of the Ledger leaks.I did a little search here in the sub it seems this one isn't documented yet, so I'm expose it here just in case.This email is trying to impersonate Ledger by saying a new transaction was made in your Ledger Wallet. Here's the email body (I'm blanking part of the URL for obvious reasons): Cm7J10L.png (621×216) (imgur.com)Once you open the Google Docs link, this is what you'll see: KPaFpWl.png (606×731) (imgur.com)And once you click "cancel", it redirects you to a fake ledger website: D2RzItM.png (1025×721) (imgur.com)Once you select the ledger device, it'll ask you to connect and authorize the device: JwRgyAx.png (1118×732) (imgur.com)I don't really know the method the scam will use to rob you, but I suppose after it connects to your wallet it'll either throw an error and ask for your wallet seed or it'll try to make transactions to transfer as much crypto as possible.The fake website is very well done and I could see people falling for this, specially people that aren't very techsavy. If you know people that had anything to do with the script kiddies over Ledger be sure to let them know the company fucked up and that they probably will get these kind of emails for a long time.EDIT: just to confirm how smart these guys are, they even went as far as creating a valid ssl certificate for the phishing website CvZle7U.png (934×548) (imgur.com). For some reason the media, at least here in my country decided to tech the masses just looking for a valid certificate (aka "take a look a the small green lock in the browser") is enough to know if a website is fake or not, this clearly shows it's not enough as anyone can create a valid website.The email that send the email was thompsonxeexx30@gmail.com.
Submitted December 28, 2020 at 06:54PM
No comments:
Post a Comment