Ledger Nano S hacked


Sharkey

Wow, I was never expecting this to happen, and I hope that someone on this forum has an idea of how I should proceed. 

I have three Ledger Nano S hardware wallets, and I have purchased all directly from Ledger's website. I have never shared the seed phrases, have never stored them electronically in any way, never printed them, etc... and the Nanos themselves have been kept in a locked safe where no one has had access to them. Also, the seed phrases are kept in a separate and secure area, where no one can access them. This evening, I connected one of the Nanos to my Mac to make a transfer of some BTC to my Kraken account. I have been using the Ledger Live app through the App Store. Later this evening, when I checked the sending wallet's balance, I discovered that an additional 0.5 BTC had also been sent to an unknown BTC address, obviously without my knowledge. I believe that I have taken all precautions possible, so I am pretty shocked.

Interestingly, there is still a BTC balance in the original sending address, so it was not all taken.  My questions are:

WTF happened to allow this breach?

How can I safely access the remaining BTC balance, as I am afraid to reconnect the Nano to the existing Mac and use the same Ledger Live app??

I have emailed Ledger, but don't really know if/when I will receive any help from them...ANY suggestions would be greatly appreciated!  Thanks! 

 

 

 

 

@Sharkey I wonder if it's related to this? https://decrypt.co/37063/bitcoin-wallet-ledgers-database-hacked-for-1-million-emails

The firm specified that more detailed personal information was leaked in 9,500 cases, including phone numbers, postal addresses and what product they purchased. The announcement added that, "More detailed personal information could have been exposed."

Edited by Panzer_Kitteh

Some 15 year old in Europe broke these things with alligator clips and an oscilloscope like 4 years ago, before they could connect to anything.  Once they added flash memory for downloadable firmware updates, I knew the news was going to get worse, in time.  Then came the "sorry, we leaked all client data" - probly time to extract keys/seeds and make like a tree...

Edited by NightJanitor

Looks like you didn't fall victim to this, but to be sure, never provide your seed to anybody/site... I recall a scam involving a fake Ledger Live site that requested the seed (which would never be asked for as that defeats the purpose of the Ledger Nano)...

https://cointelegraph.com/news/fake-ledger-live-chrome-extension-stole-14m-xrp-researchers-claim

If you provided your seed, you have been scammed and I would transfer all assets to an exchange or one of your other devices (assuming same situation does not relate to them)... in fact, I would probably do that regardless...

I'm sure you will hear back from Ledger and I am sure they will want the transaction hash... do you want to share that here?


5 hours ago, Sharkey said:

Wow, I was never expecting this to happen, and I hope that someone on this forum has an idea of how I should proceed. 

I have three Ledger Nano S hardware wallets, and I have purchased all directly from Ledger's website

Did you receive any weird email from a stranger with some attachment lately? And did you open what was looking like a safe file (MP3 / MP4 / JPG / PDF)?

It's plausible some hacker sent you a trojan and took control of your computer.

 

Edited by Dario_o

12 minutes ago, Dario_o said:

Did you receive any weird email from a stranger with some attachment lately? And did you open what was looking like a safe file (MP3 / MP4 / JPG / PDF)?

It's plausible some hacker sent you a trojan and took control of your computer.

 

Thanks, but I haven't opened any attachments or files from anyone I don't know.  But I wonder if there's an issue with the Ledger Live app, after reading more online about the vulnerabilities.  


2 hours ago, EcneitapLatnem said:

Looks like you didn't fall victim to this, but to be sure, never provide your seed to anybody/site... I recall a scam involving a fake Ledger Live site that requested the seed (which would never be asked for as that defeats the purpose of the Ledger Nano)...

https://cointelegraph.com/news/fake-ledger-live-chrome-extension-stole-14m-xrp-researchers-claim

If you provided your seed, you have been scammed and I would transfer all assets to an exchange or one of your other devices (assuming same situation does not relate to them)... in fact, I would probably do that regardless...

I'm sure you will hear back from Ledger and I am sure they will want the transaction hash... do you want to share that here?

The Ledger Live app that I used was downloaded from the App Store.  I have used it without any issues for some time.  I was not prompted to provide the seed.  I do want to move the remaining BTC to an exchange, but I'm actually afraid to use the Nano (or the app) again before learning how to rule out both of those as the source of the breach.  I have sent the info to Ledger and included the transaction hash.  I'm somewhat reluctant to share the hash on this forum, although I am very motivated to solve this problem, and know I can't do so without expertise. I really appreciate your thoughtful suggestions, thanks!


5 hours ago, Panzer_Kitteh said:

Thanks, and I did see this. Ledger had recently sent emails out to inform customers about this issue. The email, and also the description on their site, seem to be adamant that any data impacting the hardware was not impacted. But now, I don't feel as sure about that, given the "coincidental" timing of this mess. If I get any helpful response from Ledger, I will post it here, if that could be helpful to anyone else.


7 hours ago, Sharkey said:

Later this evening, when I checked the sending wallet's balance, I discovered that an additional 0.5 BTC had also been sent to an unknown BTC address, obviously without my knowledge.

The unauthorized transaction happened at the same time as the transaction you willingly performed?


5 minutes ago, SCHUMIXRP said:

Jeeese this is scary, I'm really sorry. Did you ever do any of the device updates? 

Thanks, and yes, I actually did do a device update yesterday, just before the "nightmare" began...hard to imagine that this would be the source, but I really have no idea.  Still haven't gotten a word back from Ledger.  

 

