InsideBitcoins.com

Ledger Users Lose $285K Worth of XRP Tokens in Security Breach Fallout

XRP

Cryptocurrency wallet provider Ledger is dealing with the fallout from a security breach, with the company’s customers losing their funds to a barrage of phishing attacks. Earlier this week, cybercriminals managed to drain users of about 1.15 million XRP tokens (about $285,000) from users.

Hundreds of Thousands Lost to Phishing Attack

According to a report from XRP Forensics, the scam came in the form of a phishing attack, with victims getting emails that directed them to a fake version of the Ledger website. The hackers were obviously sophisticated, as they substituted a homoglyph in the URL to fake the letter “e” in “Ledger.”

On the fake site, victims were tricked into downloading malware, which posed as a security update. Once installed, the malware drained the funds on their wallets. It’s unclear whether the scam has been shut down, although the hackers have still managed to make off with a pretty penny.

XRP fraud detection site xplorer reported that the hackers sent their XRP loot to a Bittrex account in five transactions. Bittrex was unable to seize the funds in time, as the hackers now appear to have liquidated them.

Another XRP-focused Twitter account reported on a different phishing scam. In this case, an email that looks like it came from the Ripple team appeals to Ledger users using a token giveaway to a whitelisted address.

The scam claims to be working on a “Community Support Program,” with interested participants having to send their Ledger seed phrases or private keys to the hackers. It’s unclear how much these hackers have managed to siphon off investors, although there’s a slim chance that they’ll be getting much money.

Issues Lingering Despite Security Upgrade

The phishing scams are fallout from a security breach that Ledger suffered earlier this year. At the end of July, the company sent an email to its customers, explaining that it had suffered a data breach weeks back. Ledger had been notified by a researcher participating in a bounty program, and further investigations found that the hackers had been stealing the company’s data since at least June.

The hackers reportedly used an API key to access the firm’s ecommerce and marketing database, which they used to send promotional emails. Ledger confirmed that the breach affected almost a million users, adding that a subset of about 9,500 users got their details – including postal addresses, full names, and phone numbers – leaked.

“Your payment information and crypto funds are safe […] Regarding your e-commerce data, no payment information, no credentials (passwords), were concerned by this data breach. It solely affected our customers’ contact details,” the company said, adding that it was monitoring online marketplaces to find evidence of the data being sold.

The company has made adjustments since then. In October, Friedman LLP, a New York-based accounting firm, told Cointelegraph that they had run a successful System and Organization Controls (SOC) Type 1 test on the company’s internal security controls. However, this doesn’t leave them out of the woods yet. With over $250,000 in funds lost due to this, it’s only a question of when the next attack will be.

Top brokers for buying and trading cryptocurrencies

  • Platform
  • Features
  • Rating
  • Visit Site
  • US-Friendly
  • Paypal accepted
  • 12+ cryptocurrencies
4.5/5

Visit Site
75% of retail investors lose money.
eToro Reviews

    eToro Reviews

    https://insidebitcoins.com/visit/etoro-newsCreate your account
    Hide eToro Reviews
    • Best broker for non-US countries
    • Trade crypto CFDs, forex and stocks
    • No withdrawal or deposit fees
    4.5/5

    Visit Site
    80.5% of retail investors lose money.
    Plus500 Reviews

      Plus500 Reviews

      https://insidebitcoins.com/visit/plus500-newsCreate your account
      Hide Plus500 Reviews
      Remember, all trading carries risk. Past performance is no guarantee of future results.
      Avatar

      Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system.

      Leave a Reply

      Your email address will not be published. Required fields are marked *