CyberSecurity news
@www.bitdegree.org
Cybercriminals are deploying fake Ledger Live applications to target macOS users and their cryptocurrency holdings. The malware is designed to steal seed phrases, the critical 12- or 24-word recovery phrases that grant complete access to a user's cryptocurrency wallet. These campaigns involve tricking users into downloading and installing a fraudulent Ledger Live app, which then prompts them to enter their seed phrase under false pretenses. Once entered, this information is sent directly to the attackers, allowing them to seize control of the victim's digital assets.
The method often involves the use of "Atomic macOS Stealer," a tool that cybersecurity firm Moonlock has discovered on approximately 2,800 compromised websites. This stealer infiltrates the system and gathers personal information, passwords, and wallet details. A key aspect of the attack is replacing the legitimate Ledger Live application with a fake one. Initially, these fraudulent apps were limited to collecting basic wallet information, but attackers have evolved their techniques to directly target and steal seed phrases, enabling them to transfer all funds from the compromised wallets.
Users are urged to exercise extreme caution and only download Ledger Live directly from the official Ledger website. The threat is significant as it exploits the trust placed in established cryptocurrency tools. The compromise of the Ledger Discord moderator account earlier this month, where a phishing link was posted requesting wallet recovery phrases, underscores the increasing sophistication of these attacks. This isn't just about theft; it is also about hackers finding new ways to target tools that many crypto users trust.
References:
- www.bitdegree.org: macOS users who use Live are being targeted by a scam that tricks them into handing over their crypto.
- www.bleepingcomputer.com: Cybercriminal campaigns are using fake Ledger apps to target macOS users and their digital assets by deploying malware that attempts to steal seed phrases that protect access to digital cryptocurrency wallets.
- www.scworld.com: Apps impersonating the widely used hardware-based cryptocurrency wallet Ledger have been harnessed to compromise macOS users' wallet seed phrases, BleepingComputer reports.
Classification:
- HashTags: #Ledger #macOS #CryptoScam
- Company: Ledger
- Target: macOS Users
- Attacker: Fake Ledger
- Product: Ledger Live
- Feature: seed phrase theft
- Malware: Fake Ledger Live app
- Type: Malware
- Severity: High