The suspected scammers are using leaked order data to personalize messages, making the emails much harder to dismiss.
Cybercriminals have reportedly launched a targeted phishing campaign using a fake merger between cryptocurrency hardware wallet manufacturers Ledger and Trezor.
This follows a recent data leak at Ledger’s third-party e-commerce partner, Global-e.
Details of the Phishing Scam
On January 5, Ledger disclosed to its customers via email that Global-e had suffered a data breach, exposing customer information, including names, email addresses, phone numbers, and order details. Shortly after the incident was made public, affected users began receiving phishing emails falsely claiming that the two companies had merged. Screenshots of the fake communications have since been shared on X.
“We are pleased to announce that after months of strategic discussions, Ledger and Trezor have finalized a merger agreement. This landmark partnership unites two industry leaders with a shared vision of providing the highest standard of security for digital asset management,” read the message.
The email further stated that the decision would allow the two firms to accelerate innovation, expand their product offerings, and continue their commitment to protecting clients’ assets. Recipients were also instructed to “migrate” their wallets by entering their 24-word recovery phrases on a fake website designed to mimic official branding.
In response to the attack, Global-e has reportedly launched an internal investigation into the hack and is working with cybersecurity experts to assess the scope of the incident. Meanwhile, the company has not disclosed the exact number of affected users but confirmed that the breach was limited to contact and order information.
Ledger has also reportedly notified relevant data protection authorities and is cooperating with law enforcement agencies.
A History of Data Breaches
This episode is not the first time Ledger has been involved in such a scandal. In 2020, attackers also accessed its e-commerce and marketing databases, exposing the personal information of hundreds of thousands of users.
You may also like:
The disclosed data included email addresses, names, phone numbers, and physical addresses, with affected users later reporting receiving phishing emails and threats. At the time, the wallet manufacturer faced public criticism for its delayed disclosure and inadequate safeguards, which resulted in a formal lawsuit being filed against it and Shopify.
The company later confirmed that a rogue Shopify employee was responsible for leaking the personal details of approximately 20,000 customers. This was followed by a separate attack later that year, in which the data of about 292,000 customers was published online.
More recently, the firm suffered another security incident, resulting in the theft of approximately $600,000 in cryptocurrency after a wallet drainer was inserted into a library used by multiple decentralized applications to connect to their devices.
SPECIAL OFFER (Exclusive)
SECRET PARTNERSHIP BONUS for CryptoPotato readers: Use this link to register and unlock $1,500 in exclusive BingX Exchange rewards (limited time offer).
The internet is an increasingly murky space. Areportfrom the generative voice platform Resemble AI indicates scammers stole $347.2 million via deepfakes in the second quarter of 2025 alone. Videos across the web show doctored footage of politicians, CEOs, and celebrities like Brad Pitt and Tom Hanks promoting fraudulent crypto investments, making personalized romantic pleas, and attempting to initiate targeted wire transfers. Meanwhile, everyone’s feeds are increasingly filled with AI-generated slop that seems all too real as platforms like OpenAI’s Sora 2 rapidly advance. So what’s the solution? What is to be done? Well, if you ask people in the crypto community, the solution is to throw some more crypto at the problem.
Sam Altman wants to tackle online identification with his controversial crypto project World, which relies on orb-shaped devices that scan people’s irises to create unique, encrypted digital codes designed to allow individuals to authenticate themselves online. The project,formerly known as Worldcoin, maintains that each user’s biometric data is encrypted and stored only on their personal device, but it has stillraised privacy concerns from governments and concerned citizens around the globe.
World now appears to have some competition: The crypto wallet firm Ledgerintroduced its new Nano Gen5 model this week, but the company is no longer billing the product as a hardware wallet. Instead, it’s calling it a “signer,” to put more emphasis on the identity-verification services it provides.
“Outdated language led users to believe that their device actually stored their crypto or was merely to be used as a vault,” Ledger content writer Ola Kalejaye said in a newannouncement. “The term ‘signer’ defines the device’s core purpose: it’s your cryptographic ‘Proof of You,’ giving you a secure foundation to authorize every action and control your digital life.”
The new Nano “signer” uses a customer’s private keys—the string of letters and numbers that enables access to a specific blockchain—to create a cryptographic signature, which can authorize crypto asset transfers. Crypto stakeholders envision this kind of system as a way to confirm that our future online activity was performed by a human, without explicitly identifying that person.
While Ledger is seizing the moment and taking advantage of the renewed discussion around crypto and identity verification, Kalejaye explained that the rebranding is also intended to clear up some public misconceptions about what purpose his company’s wallets serve in the first place:
The conversation around hardware wallets also led to the common perception that managing a 24-word recovery phrase was a complex burden. This reinforced the view that only tech-savvy users could handle true digital ownership.
Today’s reality is far different from the earliest days of Bitcoin. Now, with modern backup solutions and a refined onboarding experience, Ledger makes digital ownership a seamless experience, even for users who are brand new to the decentralized world.
These common misconceptions are a direct obstacle to the mass adoption of self-custody. In reality, your crypto assets exist on the blockchain, and your Ledger signer secures the one thing that gives you control of them: your private keys. By generating and protecting this key within a certified Secure Element chip, your signer provides a fortress against online threats.
Some of the new wording feels like tweaking around the margins of Ledger’s marketing strategy in an attempt to broaden the company’s appeal beyond devoted crypto enthusiasts, teasing the possibility that people could one day use the Nano Gen5 as a broader form of identification on the web. But the device itself does have some new features designed to streamline functionality.
The new $179 Nano Gen5 works in tandem with its rebranded software app, formerly known as Ledger Live, which is now called the Ledger Wallet. The Nano’s touchscreen aims to display transactions in plain language, so users can verify what they’re approving and avoid scams, AI bots, and phishing attacks. Ledger also partnered with the decentralized exchange aggregator 1inch, offering a direct connection for crypto swaps.
Perhaps most notably, Ledger collaborated with storied iconographer Susan Kare, the designer behind the original Macintosh icons in 1982. Kare designed multiple sets of collectible badges that can personalize the new Nano Gen5. If you want to broaden your product’s appeal, who better to recruit than one of the most influential Mac designers of all time?
Ledger, a French startup mostly known for its secure crypto hardware wallets, has started shipping new wallets nearly 18 months after announcing the latest Ledger Stax devices.
The updated wallet features an E-Ink display and has been designed in partnership with Tony Fadell, one of the main designers behind the iPod. E-Ink technology is generally used for e-book readers like the Amazon Kindle or the Rakuten Kobo because the displays look good in daylight and don’t require a lot of power.
After fulfilling all pre-orders, the company will list the Ledger Stax on its website once it has more stock available. The reason why the hardware wallet fell behind schedule is the company may have overpromised on the design front. The Ledger Stax features a curved E-Ink display. It said it has been more difficult than expected to produce curved E-Ink displays at scale.
So what makes the Ledger Stax different from Ledger’s other wallets, the Nano S Plus and the Nano X? Unlike those two devices, the Ledger Stax features a larger display with a secure touch screen that interacts directly with the secure element in the device. It’s supposedly easier to use than the arrow buttons on the other Ledger devices.
While the Nano S Plus only works with a USB-C cable, the Nano X and the Stax also have a Bluetooth chip. It means that you can initiate a crypto transaction from your phone and validate it on your crypto wallet — no wire required.
With this new wallet, Ledger is also going for high-end customers. The company sold the Ledger Stax for €279 during the pre-order phase (around $300 at today’s exchange rate). It wouldn’t confirm the final retail price for the wallet so you’ll have to wait for it to be made available again on its website.
Thanks to the curved display, customers can display some information on the spine of the device, even when it’s off. This could be particularly useful for companies and individuals who own multiple hardware wallets and want to stack them up. The Ledger Stax also has built-in magnets for easy alignment and supports Qi wireless charging.
When it comes to security, all of Ledger’s products are based around a secure element where the private keys of your wallet are safely stored. They never leave your crypto wallets, meaning that even if your computer or phone is compromised, your assets are safe. However most crypto hacks are phishing attempts anyway — and Ledger can’t protect you against social engineering and scams.
If you lose your device, you can recover your wallet using a secret recovery phrase. The company also offers a subscription product in case you don’t feel comfortable with recovery phrases.
Interestingly, the Ledger Stax also marks the beginning of a production partnership with Foxconn, the consumer electronics manufacturing company. Previously, Ledger assembled its devices in Vierzon, France — but the Nano S Plus and Nano X devices will still be manufactured in Vierzon.
Ledger said it has sold more than 6 million devices to date and the company estimates it secures around a fifth (20%) of the world’s crypto assets.
Hardware wallet manufacturer Ledger has responded to a recent security breach resulting in the theft of $600,000 worth of user assets.
The company has pledged to enhance its security protocols by eliminating Blind Signing, a process where transactions are displayed in code rather than plain language, by June 2024.
Ledger Takes Responsibility For ConnectKit Attack
In a statement, Ledger emphasized its focus on addressing the recent security incident and preventing similar occurrences in the future.
The company acknowledged the approximately $600,000 in assets that were impacted by the ConnectKit attack, particularly affecting users blind signing on Ethereum Virtual Machine (EVM) decentralized applications (dApps).
Furthermore, Ledger pledged to make sure affected victims are fully compensated, including non-Ledger customers, with CEO & Chairman Pascal Gauthier personally overseeing the restitution process.
According to the statement, Ledger has already initiated contact with affected users and is actively working with them to resolve their specific cases.
In addition, by June 2024, blind signing will no longer be supported on Ledger devices, contributing to a “new standard of user protection” and advocating for “Clear Signing,” which refers to a process that allows users to verify transactions on their Ledger devices before signing them across dApps.
On this matter, Ledger’s CEO Pascal Gauthier stated:
My personal commitment: Ledger will dedicate as much internal and external resources as possible to help the affected individuals recover their assets.
Heightened dApp Security Measures
According to an incident report released by the hardware wallet manufacturer, the attack exploited the Ledger Connect Kit, injecting malicious code into dApps utilizing the kit.
This malicious code redirected assets to the attacker’s wallets, tricking EVM dApp users into “unknowingly signing transactions” that drained their wallets.
Ledger addressed the attack by deploying a genuine fix for the Connect Kit within 40 minutes of detection. The compromised code remained accessible for a limited time due to the nature of content delivery networks (CDNs) and caching mechanisms.
Ledger acknowledged the risks faced by the entire industry in safeguarding users and emphasized the need to continually raise the bar for security in dApps.
The company plans to strengthen its access controls, conduct audits of internal and external tools, reinforce code signing, and improve infrastructure monitoring and alerting systems.
Additionally, Ledger will educate users on the importance of Clear Signing and the potential risks associated with blind signing transactions without a secure display.
Notably, with Clear Signing, users are presented with a clear and readable representation of the transaction details, enabling them to review and validate the transaction before providing their signature.
This added layer of transparency and verification helps users mitigate the risks associated with front-end attacks or malicious code injected into decentralized applications
The 1-day chart shows the total crypto market cap’s valuation at $1.59 trillion. Source: TOTAL on TradingView.com
Featured image from Shutterstock, chart from TradingView.com
Disclaimer: The article is provided for educational purposes only. It does not represent the opinions of NewsBTC on whether to buy, sell or hold any investments and naturally investing carries risks. You are advised to conduct your own research before making any investment decisions. Use information provided on this website entirely at your own risk.
BlackRock revises spot Bitcoin ETF to enable easier access for banks
BlackRock has revised its spot Bitcoin exchange-traded fund (ETF) application to make it easier for Wall Street banks to participate by creating new shares in the fund with cash rather than just crypto. The new in-kind redemption “prepay” model will allow banking giants such as JPMorgan or Goldman Sachs to act as authorized participants for the fund, letting them circumvent restrictions that prevent them from holding Bitcoin or crypto directly on their balance sheets.
El Salvador expects to sell out Bitcoin ‘Freedom Visa’ by end of year
El Salvador’s National Bitcoin Office says its $1 million Freedom Visa program has already received hundreds of inquiries since its launch on Dec. 7 and expects it to sell out before the end of 2023. Launched by the local government in partnership with stablecoin issuer Tether, the Freedom Visa is a citizenship-by-donation program that grants a residency visa and pathway to citizenship for 1,000 people willing to make a $1 million Bitcoin or Tether donation to the country. The program is limited to 1,000 slots per calendar year.
Sam Bankman-Fried’s lawyer says FTX fraud trial was “almost impossible” to win: Report
The lawyer responsible for Sam “SBF” Bankman-Fried’s criminal trial defense has admitted that the case was “almost impossible” to win from the outset. During an interview, Stanford Law School professor David Mills said he recommended the legal defense of SBF admit to the allegations of witnesses and state prosecution and convince the jury that Bankman-Fried intended to save the company. Mills also disclosed that he had agreed to lend his expertise to Bankman-Fried’s defense at the behest of the FTX CEO’s parents, and described Bankman-Fried “as the worst person I’ve ever seen do a cross-examination.”
Yearn.finance pleads arb traders to return funds after $1.4M multisig mishap
Yearn.finance is hoping arbitrage traders will return $1.4 million in funds after a multisignature scripting error resulted in a large amount of the protocol’s treasury being drained. The error occurred while Yearn was converting its yVault LP-yCurve — earned from performance fees on vault harvests — into stablecoins on the decentralized exchange CoW Swap. Yearn suffered significant slippage when it received 779,958 DAI yVault tokens from the trade, resulting in a 63% drop in the liquidity pool value.
SEC pushes deadline for decision on Invesco Galaxy spot Ethereum ETF to 2024
The United States Securities and Exchange Commission has delayed its decision on whether to approve or reject a spot Ether ETF proposed by Invesco and Galaxy Digital. The companies filed the spot ETH ETF application in September. The proposed spot crypto investment vehicle is one of many being considered by the commission, which, to date, has never approved an ETF with direct exposure to Ether, Bitcoin or other cryptocurrencies.
Winners and Losers
At the end of the week, Bitcoin (BTC) is at $42,222, Ether (ETH) at $2,250 and XRP at $0.62. The total market cap is at $1.6 trillion, according to CoinMarketCap.
Among the biggest 100 cryptocurrencies, the top three altcoin gainers of the week are Bonk (BONK) at 131.38%, WOO Network (WOO) at 78.34% and Helium (HNT) at 77.66%.
The top three altcoin losers of the week are Terra Classic (LUNC) at -15.84%, Sei (SEI) at -14.48% and Pepe (PEPE) at -12.10%.
‘No excuse’ not to long crypto: Arthur Hayes repeats $1M BTC price bet
Bitcoin and altcoins are a no-brainer bet in the current macro climate, Arthur Hayes says. In a post on X (formerly Twitter) on Dec. 14, the former CEO of exchange BitMEX said that investors have “no excuse” to short crypto.
Going long on crypto is the key to success as markets bet on the United States Federal Reserve lowering interest rates next year, Hayes argues. “At this point, there is no excuse not to be long crypto,” part of his post stated.
“How many more times must they tell you that the fiat in your pocket is a filthy piece of trash,” he wrote. Hayes further reiterated a longstanding $1 million BTC price prediction as a result of macro tides eroding the value of national currencies.
FUD of the Week
Ledger patches vulnerability after multiple DApps using connector library were compromised
The front end of multiple decentralized applications using Ledger’s connector were compromised on Dec. 14. Ledger announced that it had fixed the problem three hours after the initial reports about the attack. Protocols affected include Zapper, SushiSwap, Phantom, Balancer and Revoke.cash, stealing at least $484,000 in digital assets. The attacker utilized a phishing exploit to gain access to the computer of a former Ledger employee. The hack sparked criticism about Ledger’s security approach.
Bitcoin inscriptions added to US National Vulnerability Database
The National Vulnerability Database flagged Bitcoin’s inscriptions as a cybersecurity risk on Dec. 9, calling attention to the security flaw that enabled the development of the Ordinals Protocol in 2022. According to the database records, a datacarrier limit can be bypassed by masking data as code in some Bitcoin Core and Bitcoin Knots versions. As one of its potential impacts, the vulnerability could result in large amounts of non-transactional data spamming the blockchain, potentially increasing network size and adversely affecting performance and fees.
SafeMoon falls 31% in five hours after filing for Chapter 7 bankruptcy
The token of decentralized finance protocol SafeMoon has fallen 31% in five hours after the company behind it filed for bankruptcy. SafeMoon officially applied for Chapter 7 bankruptcy, also known as “liquidation bankruptcy,” on Dec. 14. The latest blow comes only a month after the U.S. Securities and Exchange Commission charged SafeMoon and its executives with violating securities laws in what the regulator described as “a massive fraudulent scheme.” Several former SafeMoon supporters expressed frustration on Reddit regarding the bankruptcy, alleging they were rug-pulled by the SafeMoon developers.
The wallet company confirmed that this week’s exploit was an unfortunate isolated incident, after which Ledger launched Connect Kit version 1.1.8 on December 14th, deactivating malicious code in Ledger and WalletConnect. Users are now protected, but as an extra precaution, it is recommended to wait for 24 hours and clear the browser cache.
Ledger’s Chairman and CEO, Pascal Gauthier, disclosed that the security breach occurred when a former staff member fell prey to a phishing attack.
This enabled a malicious actor to upload a harmful file to Ledger’s NPMJS, a JavaScript code package manager shared across applications.
Collaborating with partner WalletConnect, Ledger swiftly responded to the incident, managing to eliminate and deactivate the malicious code on NPMJS within 40 minutes of its discovery.
In an update, Gauthier revealed that the standard practice at the Paris-based crypto hardware wallet platform is that no single person can deploy code without review by multiple parties. He admitted having strong access controls, internal reviews, and code multi-signatures when it comes to most parts of its development.
Furthermore, when an employee departs from the company, their access to all Ledger systems is promptly revoked.
“This was an unfortunate isolated incident. It is a reminder that security is not static, and Ledger must continuously improve our security systems and processes. In this area, Ledger will implement stronger security controls, connecting our build pipeline that implements strict software supply chain security to the NPM distribution channel.”
Ledger said that it is actively cooperating with authorities and assured that it will continue to assist in the ongoing investigation.
The platform said that it will continue to work with affected users, collaborate to identify the responsible party, ensure legal consequences, trace the funds, and cooperate with law enforcement to facilitate the recovery of stolen assets from the hacker.
SPECIAL OFFER (Sponsored)
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
According to on-chain sleuth ZachXBT, around $800,000 in crypto assets has been carted away from users who installed a fake Ledger Live application on Microsoft’s app store.
Ledger Live Users Lose $600,000 In Bitcoin: Report
In a November 5 post on the X (formerly Twitter) platform, ZachXBT raised an alarm on the suspicious application, “Ledger Live Web3”, which is conning users into thinking they are installing the original “Ledger Live” app. The original Ledger Live is a user interface app that allows hardware wallet users to store their crypto assets offline.
Community Alert: There is currently a fake @Ledger Live app on the official @Microsoft App Store which was resulted in 16.8+ BTC ($588K) stolen
According to on-chain data, roughly 16,800 BTC (worth approximately $588,000) has been received by the exploiter across 38 different transactions using the wallet address “bc1q…y64q”. The first set of funds (an estimated total of $87,600) were transferred to the scammer’s address on October 24, 2023.
As of this writing, only about $115,760 – across two transactions – has been moved out of the scammer’s wallet address. Meanwhile, the current balance of the address still stands at more than 13.5 BTC (worth roughly $476,012).
In a follow-up post on X, ZachXBT revealed that the scammer also used an ETH/BSC address to receive funds from the fake Ledger app. Based on the update, the exploiter has collected approximately $180,000 using this address, bringing their total loot to $768,000.
The on-chain investigator also noted that Microsoft may have finally removed the fake Ledger Live app from their app store. Meanwhile, the fake app’s dedicated page on Microsoft’s official website is no longer accessible.
It is worth noting that this is not the first time that a fake Ledger Live app has made its way into Microsoft’s app store. Ledger’s support account on X has had to warn its users about a fake app on two separate occasions in the space of a year.
In the month of October, the crypto space experienced a significant downturn in terms of theft, hitting its lowest point of 2023. According to CertiK’s findings, a total of 38 incidents, including from hacks, exploits, and scams, contributed to losses amounting to $32.2 million.
When considering the 10-month total of $1.4 billion, the losses incurred in October appear notably smaller, accounting for approximately a quarter of the running monthly average. While this decline in security incidents is a positive development, users are still cautioned about the existence of security threats even in the most unexpected places, as shown in this Ledger case.
As digital assets continue to flourish, this harsh reality serves as a stark reminder of the need for vigilant cybersecurity measures to safeguard the investments of crypto enthusiasts worldwide.
Bitcoin price breaks above $35,000 again on the daily timeframe | Source: BTCUSDT chart on TradingView
Featured image from iStock, chart from TradingView
Bitcoin and cryptocurrency hardware wallet manufacturer Ledger has announced a new wallet designed by former Apple engineer Tony Fadell, named Ledger Stax. The wallet utilizes E Ink technology on a small, rectangular wrap-around screen, similar in appearance to a smartphone.
Source: Ledger
The device will function as other Ledgers do, allowing users to store bitcoin and various other cryptocurrencies in cold storage, offline. The front of the device will feature a customizable display that can feature photos or NFTs, per the device product page.
Ledger Stax has a price tag of $279 with an estimated delivery date of March 2023, and the device is now available for pre-order. It will also be available in Best Buy stores, as the electronics giant currently stocks the Ledger Nano S Plus and Nano X devices.
Source: Ledger
The Stax has been designed to introduce a more premium product, going beyond the simple Ledger Nano S, which is small and has features similar to a USB drive. It also comes at an opportune time for the company, as many reconsider their desire to self-custody their cryptocurrency after the massive collapse of the FTX exchange and subsequent loss of billions of exchange-custodied user funds. Indeed, in response to questions from Fortune Crypto, a company spokesperson confirmed that in November “Ledger had its two best-ever sales days.”
In addition, Fadell described his reasoning for his design to Fortune Crypto, saying “We need a user-friendly — no, a ‘user-delightful’ — tool to bring digital asset security to the rest of us, not just the geeks,” said Fadell.
While there is debate amongst the greater Bitcoin Maximalism community in regards to utilizing and promoting wallets that offer compatibility for altcoins, having more users practice self-custody as opposed to trusting in custodians could be considered a net educational benefit for the ecosystem, and theoretically an appealing, well-designed device could introduce more people to that concept.
