Crypto Hardware Wallet Users Targeted in Mail-Based Phishing Campaign - Crypto Economy

Users of crypto hardware wallets such as Ledger and Trezor are being targeted in a new phishing campaign that could significantly increase year-on-year scam-related losses. Cybersecurity experts have warned about fraudulent physical letters sent to device owners in an attempt to steal sensitive recovery information.

According to reports shared on X by cybersecurity researcher Dmitry Smilyanets, several users received letters impersonating official security and compliance teams from Ledger and Trezor. The letters included QR codes linking to malicious websites and, in some cases, a forged signature allegedly belonging to Ledger’s CEO to enhance credibility.

The correspondence created a false sense of urgency, instructing recipients to complete mandatory “Authentication Checks” to avoid losing device functionality. Trezor users were reportedly told that failure to complete the verification process could impact the full operation of their hardware wallets. However, the QR codes redirected victims to fraudulent websites that have since been flagged by security firms.

Once on the fake sites, users were prompted to proceed through an authentication flow that ultimately requested their recovery phrases for “verification.” According to expert analysis, these phrases were captured via a backend API endpoint, giving attackers full access to victims’ funds.

Source: Cybersecurity reports and public posts on X

Disclaimer: Crypto Economy Flash News is prepared using official and publicly available sources verified by our editorial team. Its purpose is to provide rapid updates on relevant developments within the crypto and blockchain sector.

This information does not constitute financial advice or an investment recommendation. Readers should verify official channels before making related decisions.