Key Takeaways
- Ledger customers are being focused by bodily mail scams requesting seed phrases.
- Scammers are utilizing knowledge from the 2020 Ledger breach that uncovered 270,000 customers.
- Ledger reiterates it by no means asks for 24-word restoration phrases in any kind.
A brand new phishing rip-off has emerged focusing on customers of Ledger {hardware} wallets, this time utilizing bodily mail to take advantage of private info leaked in a 2020 knowledge breach.
Victims are receiving official-looking letters claiming to be from Ledger’s safety group, warning of a “necessary safety replace.”
Rip-off ways & warnings
The letters instruct recipients to scan a QR code and enter their 24-word seed phrase — a transfer that will hand over full management of their wallets to scammers.
Ledger has reiterated that it by no means asks customers to share restoration phrases beneath any circumstances.
Ledger said in response to experiences:
Ledger won’t ever ask in your 24-word restoration phrase. If somebody does, it’s a rip-off.
Preliminary experiences & historic context
The rip-off was first reported on April 29 by tech analyst Jacob Canfield, who acquired one of many fraudulent letters at his house.
Canfield posted on X:
Scammers are sending bodily letters to the @Ledger addresses database leak requesting an ‘improve’ on account of a safety danger.
Breaking: New rip-off meta launched. Now they’re sending bodily letters to the @Ledger addresses database leak requesting an ‘improve’ on account of a safety danger.
Be very cautious and warn any pals or household that you realize is in crypto and isn’t that savvy. pic.twitter.com/XoUAGQBJXt
— Jacob Canfield (@JacobCanfield) April 28, 2025
This phishing try exploits the Ledger knowledge breach from 2020, by which over 270,000 customers had their names, cellphone numbers, e-mail addresses, and residential addresses leaked.
Whereas digital phishing makes an attempt have been ongoing for years, this newest wave revives a earlier tactic utilized in 2021, the place scammers mailed tampered Ledger units.
Ledger’s response & consumer advisory
Ledger has issued new warnings, urging customers to stay vigilant and to disregard all unsolicited requests for restoration phrases, irrespective of how official they seem.