Owner Ledger Lost 1.1 million XRP Due to Phishing


After a major leak of emails and personal information earlier this year, Ledger subscribers experienced a spike in phishing attempts.

Phishing and scam attempts against Ledger Wallet owners are on the rise with one scam netting over 1,150,000 XRP from its victims.

The scam uses phishing emails that redirect users to a fake version of the Ledger website that replaces homoglyphs in the URL – in this case a letter that looks like the letter ‘e’ but isn’t really. On a fake site, victims are tricked into downloading malware disguised as a security update that drains the balance from their Ledger Wallet.

According to xrplorer, the XRP collected from the scam was sent to Bittrex via five deposits, but the exchange was “unable to confiscate [XRP] on time.”

In a similar ongoing scam, phishing emails that appear to be sent from official accounts for “Team Ripple” entice Ledger users by offering XRP giveaways to “whitelisted addresses” as part of the “Community Support Program.” The registration process involves submitting your Ledger seed phrase or crypto private key to qualify for a non-existent program.

In an email to subscribers sent on July 29 this year, Ledger acknowledged that it had been the victim of a data breach in which nearly one million email addresses were compromised, along with the personal details of a subset of 9,500 subscribers. Although the vulnerability leading to the leak on the Ledger site was quickly addressed, the damage has already been done, and fraudsters appear to be finding creative ways to use addresses to trick Ledger users into handing over their coins.

The idea of ​​phishing crypto credentials via URLs containing homoglyphs is nothing new and scams using this tactic have been targeting XRP holders all year, even before the emails leaked.

Leave a Comment