To me, this seems like a little more adding fuel to the fire in an attempt to further damage Ledger's reputation. The tweet that appeared after the alleged hacking raises even more suspicions that this is the case - one person was allegedly hacked, and another reportedly received the same amount on his Ledger.
I noticed that both messages end identically : "What the actual fnck @Ledger". Of course neither of those two Twitter users posted their addresses or transactions, which could only help to at least determine where the tokens ended up and whether the alleged hacker would try to sell them.
Users report hacking their HWs every week, and in the end it turns out that they are victims of phishing or that they kept the seed in unencrypted digital form. I'm 90% sure that's the case here too, the remaining 10% goes to some real unknown vulnerability or to an attempt of bad PR.
Topic: Ledger hacked or not? 100k lost - page 2. (Read 383 times)
According to Andreas Antonopoulos he believes that it could be an inside job rather than something else. Someone close to him who had access to the safe robbed him. His tweet came as a response to some other user's question who asked if it was possible there could have been a seed collision with a seed already used by someone else.
This is the tweet.
More bad press about Ledger. Maybe it's not their fault this time but karma is a bitch. They decided to focus on their clothing assortment and overprices crypto buying service instead of fixing security bugs and now the problems are pilling up.
This is the tweet.
More bad press about Ledger. Maybe it's not their fault this time but karma is a bitch. They decided to focus on their clothing assortment and overprices crypto buying service instead of fixing security bugs and now the problems are pilling up.
This made me worried about my Ledger but after analyzing it and reading the thoughts of o_e_l_e_o and everyone, I'll agree that it could be the guy's fault. Does the victim don't hold bitcoin? or he's just mainly into erc20 tokens? where's the TXIDs?
I quickly read and scroll through the replies of the people interested in that tweet. Most questions were asking for the TXID but the author seems to ignore it.
I quickly read and scroll through the replies of the people interested in that tweet. Most questions were asking for the TXID but the author seems to ignore it.
Let's assume what he says is correct - he reset his Ledger and set up a new seed phrase a week ago, and his Ledger has been in his possession in a safe since and no one has had access to it.
As with the vast majority of hacks, the most likely cause here is user error - insecure seed back up, entering seed in to inappropriate place, fake/malicious wallet or app, etc.
- If the Ledger device had generated a non-random seed or there was some other flaw allowing an attacker to brute force the seed without having access to the device, then we would be seeing millions of a variety of coins and tokens being stolen
- If there was a flaw with the Ethereum app or interface, then again, we would be seeing millions of different ERC20 tokens being stolen
As with the vast majority of hacks, the most likely cause here is user error - insecure seed back up, entering seed in to inappropriate place, fake/malicious wallet or app, etc.
Hacker moving large amounts of coins from his wallet to OKEx exchange
No he is asking exchange to freeze the funds and going to contact police for investigation.
No reply from Ledger yet.
No he is asking exchange to freeze the funds and going to contact police for investigation.
No reply from Ledger yet.
This is a very stupid move from a hacker.
If the "hacker" knows a zero day bug on ledger and how to sploit it, he would certainly also know how to keep the funds anonymous using a mixer or coin join etc.. he would never send that to an exchange where he could be easily identified and reported and frozen.
Looks like he was scammed by some idiot. Phising site, or someone close etc.
New update:
Hacker moving large amounts of coins from his wallet to OKEx exchange
No he is asking exchange to freeze the funds and going to contact police for investigation.
No reply from Ledger yet.
Not Ledger's fault but good on them on trying to figure out what happened. My initial thought was he bought a tampered HW from a scammer but he says phrase was reset a week before. We can't be sure if that resetting was true though.
~
You guys think this is just an ETH-related thing?
What do you mean? If you say it's a vulnerability in erc-20 code, then I doubt it. Nobody can just take tokens away from someone's hardware wallet.You guys think this is just an ETH-related thing?
Everything he is saying like "I just reseted my ledger", "I said it was here" doens't mean anything.
Maybe, maybe not. It certainly could be that he was vulnerable to a phishing attack that he's not aware of, but now I'm a bit worried and I'm curious to see what Ledger's response is. You guys think this is just an ETH-related thing? I don't own any ETH or tokens, but hearing news like this is unnerving.
Edit:
What do you mean? If you say it's a vulnerability in erc-20 code, then I doubt it. Nobody can just take tokens away from someone's hardware wallet.
I don't know exactly what I mean. I'm just wondering whether there's a real vulnerability that could affect everyone or just this member or a particular coin/token. Never mind my question, as it's just my ignorance of how these things work speaking. Everything he is saying like "I just reseted my ledger", "I said it was here" doens't mean anything.
he could have just reseted and went into a fake MEW, or wrote his SEED in phising website...
Probably, and I wouldn't be surprised.he could have just reseted and went into a fake MEW, or wrote his SEED in phising website...
When people can send bunch of Bitcoins to twitter hacker and youtube scam videos, then anything is possible.
However he does have his own TG group with over 4600 members, twitter with over 30k followers, and I don't think he is some naive newbie.
I am waiting for Ledger final reply.
I was thinking the same thing. Probably related with pervious bug that was reported.
Lucky for me, I don't hold any altcoins on Ledger wallet.
More updates for this case:
https://twitter.com/StackingUSD/status/1294274025213112322
Everything he is saying like "I just reseted my ledger", "I said it was here" doens't mean anything.
he could have just reseted and went into a fake MEW, or wrote his SEED in phising website...
It is possible that he used a fake MEW or something like that, that could lead to some other exploit similar to that one from last week:
https://support.ledger.com/hc/en-us/articles/360015738179
I don't know if the two incidents are related.
I am worried about my ledger now....
https://support.ledger.com/hc/en-us/articles/360015738179
I don't know if the two incidents are related.
I am worried about my ledger now....
I was thinking the same thing. Probably related with pervious bug that was reported.
Lucky for me, I don't hold any altcoins on Ledger wallet.
More updates for this case:
https://twitter.com/StackingUSD/status/1294274025213112322
It is possible that he used a fake MEW or something like that, that could lead to some other exploit similar to that one from last week:
https://support.ledger.com/hc/en-us/articles/360015738179
I don't know if the two incidents are related.
I am worried about my ledger now....
https://support.ledger.com/hc/en-us/articles/360015738179
I don't know if the two incidents are related.
I am worried about my ledger now....
Ledger is again trending in Twitter and for all the bad reasons.
One guy reported 100k of his erc20 tokens have been missing from his Ledger wallet, and Ledger is investigating this.
https://twitter.com/StackingUSD/status/1294254623591739392
It could be he was a victim of phishing attack, but I would not suggest anyone using eth or any other erc20 shit for now.
Jump to: