Ledger scammers are sending letters to steal seed phrases
2025-05-03 21:00:32 Primitive Reading

 

Scammers are mailing physical letters to the owners of Ledger crypto hardware wallets asking them to validate their private seed phrases in a bid to access the wallets to clean them out.

In an April 29 X post, tech commentator Jacob Canfield shared a scam letter sent to his home via post that appeared to be from Ledger claiming he needed to immediately perform a “critical security update” on his device. 

The letter, which uses Ledger’s logo, business address, and a reference number to feign legitimacy, asks to scan a QR code and enter the wallet’s private recovery phrase under the guise of validating the device.

The letter threatens that “failure to complete this mandatory validation process may result in restricted access to your wallet and funds.”

A seed phrase, or recovery phrase, is a string of up to 24 words that unlocks access to a crypto wallet. A scammer with the phrase can access and control the associated wallet to transfer its holdings elsewhere.

Earlier this month, the X account of a crypto hardware wallet reseller said it had also received multiple reports of Ledger users receiving a similar letter.

In response to Canfield’s post, Ledger said the letter is a scam and cautioned its device users to stay vigilant against phishing attempts.

“Ledger will never call, DM [direct message], or ask for your 24-word recovery phrase. If someone does, it's a scam,” it added.

“Please don't engage with accounts claiming to be Ledger employees or anyone offering to help recover funds.”

Unclear whether connected to the Ledger’s data leak

Canfield suggested that scammers were sending letters to Ledger customers whose data was leaked nearly five years ago.

In July 2020, a hacker breached Ledger’s database and dumped the personal information of more than 270,000 of its customers online, which included names, phone numbers and home addresses

The following year, several Ledger users claimed to have been mailed fake Ledger devices that were tampered with and designed to install malware upon use, Bleeping Computer reported at the time.

Disclaimer: This specification is preliminary and is subject to change at any time without notice. Amazon Finance assumes no responsibility for any errors contained herein.

Amazon Finance
Voices from the Amazon rainforest
Recommended reading
Telegram’s TON Takes On Real World Assets With Libre’s $500M Tokenized Bond Fund

10-22     admin     17019 Reading
Bunq, Europe’s second-largest neobank, expands into crypto

10-22     admin     6172 Reading
US crypto groups urge SEC for clarity on staking

10-22     admin     17860 Reading
Galaxy Digital plans Nasdaq listing as crypto stocks post strong rebound

10-22     admin     7100 Reading
North Carolina House passes state crypto investment bill

10-22     admin     9257 Reading
Bitcoin on the Rise as China Tariff Exemptions Give Stocks Relief

10-22     admin     17136 Reading
Grayscale Still Tops All US Spot Bitcoin ETFs in Revenue

10-22     admin     11441 Reading
Grayscale Pushes SEC to Approve Ethereum ETF Staking, Citing $61M Lost in Rewards

10-22     admin     11906 Reading
Bitcoin's Bull Run Reloads: Analyst Expects BTC to Break All-Time Highs

10-22     admin     16157 Reading
Bitcoin trades at ‘40% discount’ as spot BTC ETF buying soars to $3B in one week

10-22     admin     7649 Reading
US crypto rules like 'floor is lava' game without lights — Hester Peirce

10-22     admin     16786 Reading
Senator and Ex-Bridgewater CEO McCormick Invests More in Bitcoin as Bill in Works

10-22     admin     14388 Reading
ARK Invest Raises 2030 Bitcoin Price Target to as High as $2.4M in Bullish Scenario

10-22     admin     19243 Reading
SoftBank Is Buying Bitcoin Again, After $130M Loss in 2018. Is This Time Different?

10-22     admin     13329 Reading
Bitcoin supply on exchanges is falling ‘due to public company purchases’ — Fidelity

10-22     admin     7324 Reading

Copyright © Amazon Finance