The Discord server for Ledger, a crypto wallet provider, suffered a security breach with an intruder compromising the moderator’s account, posting scam links, and promoting a third-party website that asked visitors for their crypto seed phrases. Quintin Boatwright, a Ledger spokesperson, said that a contracted moderator had their account compromised, allowing a bot to post scam messages. Boatwright further assured users that the bot had been deleted and the compromised account had been deleted. Ledger also reported the phishing website to the appropriate authorities. The phishing website asked users for their seed phrase, which is a serious compromise because the website link was posted on the official Ledger Discord channel by an official moderator contracted by the organisation. The seed phrase is an essential series of words that gives a person complete access to the crypto wallet. The compromised moderator account censored anyone warning others about the phishing website. The attacker used a bot to overwhelm the server, disallowing people to speak out against the attack. However, the Ledger team quickly deleted the bot and deactivated the moderator account. The rapid response of Ledger may have prevented any further damage from occurring. Boatwright assured Ledger users that much work had been done to prevent this attack from happening again. Ledger plans to implement various safeguards and new security features to prevent phishing attacks. Social engineering attacks of this kind have increased lately, with multiple attempts at exploiting crypto wallets. This may be a positive sign for crypto security, indicating that hackers may have exhausted traditional techniques and are now resorting to social engineering instead. Ledger has reiterated its rules for customers never to share their seed phrase and never connect their wallet through a link shared on Discord. Despite the bot being swiftly removed from the server, the damage of this attack could not be ascertained immediately. In April, scammers conducted a widespread attack against Ledger users, posting letters requesting seed phrases so that addresses could be validated. The letter included an official logo, ID number, business address, and QR code, all vital elements for a successful phishing campaign. The letter asked Ledger customers to follow the QR link and post their seed phrase for validation. The attackers could conduct the phishing request because they had access to the July 2020 Ledger breach, where customer data was exposed. In 2024, phishing attacks proved to be the most expensive attacks in the industry, costing over $1 billion in losses. Crypto firms are increasing their security to prevent further losses from phishing attempts, including education campaigns to help customers understand the risks of using crypto. The rise of phishing attacks may indicate that hackers have exhausted traditional attack methods. In January 2025, however, a phishing attack on over 9,000 Ethereum users resulted in over $10 million in losses. Crypto users are encouraged to educate themselves on crypto use risks and take extra precautions to protect themselves from phishing attacks. They can use multiple authentication methods to make the hacker’s task even harder. There is a growing need for security experts to work in the crypto industry, to share their expertise, and to make the industry a safer place to trade. Many crypto exchanges have started communicating with other businesses, sharing details about suspicious activity and learning from past mistakes.Q
