Ledger hack - 270,000+ customers doxxed - eBay Suspended & PayPal Limited Forums
eBay Suspension & PayPal Limited Forums  
Join Today
Register Subscribe
     

Registration is fast, simple and absolutely free so please, join our community today!


Go Back   Home > WallStreetBets > CryptoCurrency

CryptoCurrency Discuss all CryptoCurrencies / coins and their use for personal or business purposes. Bitcoin (BTC) is possibly the best known but there are numerous crypto currencies, this is the forum to discuss them all.

Reply
 
Thread Tools
  #1  
Old 12-22-2020
phaz0rz's Avatar
Executive [VIP]
 
Join Date: Nov 2015
Posts: 10,840
Thanks: 2,082
Thanked 4,025 Times in 3,012 Posts
Activity: 5%
Longevity: 49%
iTrader: (2)
Send a message via ICQ to phaz0rz Send a message via AIM to phaz0rz Send a message via Yahoo to phaz0rz
Default Ledger hack - 270,000+ customers doxxed

If any of you guys have bought a ledger in the past few years, you may be receiving threatening extortion letters by email and/or mail soon. I've already seen several examples. People are downloading the list then using software to email everyone on it, attempting to extort $xxx for "protection".



It's pretty crazy. The tiny town I live in has like 8 people on the list. I'm not going to post it but it's out there if anyone cares.
__________________
____________
_______
___
Reply With Quote
The complete step-by-step guide to get back to selling today!

  #2  
Old 12-22-2020
Mayhard's Avatar
Senior Member
 
Join Date: Jun 2017
Posts: 500
Thanks: 81
Thanked 26 Times in 19 Posts
Activity: 10%
Longevity: 40%
iTrader: (37)
Default Re: Ledger hack - 270,000+ customers doxxed

Are you referring to the Google doc?
Reply With Quote
  #3  
Old 12-22-2020
phaz0rz's Avatar
Executive [VIP]
Threadstarter  
 
Join Date: Nov 2015
Posts: 10,840
Thanks: 2,082
Thanked 4,025 Times in 3,012 Posts
Activity: 5%
Longevity: 49%
iTrader: (2)
Send a message via ICQ to phaz0rz Send a message via AIM to phaz0rz Send a message via Yahoo to phaz0rz
Default Re: Ledger hack - 270,000+ customers doxxed

The thing I'm referring to is a 28MB text file with thousands of buyer details. I don't know if anybody has put it on Google docs. I saw it on anonfiles and github yesterday. It was also on pastebin but that was removed.

I'm assuming you're probably on there.

There's talk of a class action lawsuit but ledger has already made a statement saying they do not plan to reimburse affected users in any way.
__________________
____________
_______
___

Last edited by phaz0rz; 12-22-2020 at 08:05 AM.
Reply With Quote
  #4  
Old 12-22-2020
james_112233's Avatar
Senior Member
 
Join Date: Mar 2017
Posts: 2,388
Thanks: 648
Thanked 560 Times in 421 Posts
Activity: 19%
Longevity: 41%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

They'll be really targeting the high net worth in crypto individuals no doubt. Everyone else will just get some sort of phishing email on a regular basis or some other form of social engineered scam.
Reply With Quote
  #5  
Old 12-22-2020
phaz0rz's Avatar
Executive [VIP]
Threadstarter  
 
Join Date: Nov 2015
Posts: 10,840
Thanks: 2,082
Thanked 4,025 Times in 3,012 Posts
Activity: 5%
Longevity: 49%
iTrader: (2)
Send a message via ICQ to phaz0rz Send a message via AIM to phaz0rz Send a message via Yahoo to phaz0rz
Default Re: Ledger hack - 270,000+ customers doxxed

A guy on another board laid out his plan the other day..
1) download list, extract all emails
2) send everyone an email saying "send me $500 in BTC to this address or I'll come beat your head in with a wrench or whatever"
3) "I'm sure you can afford it given the recent gains"

Then, even if only 1% of people respond for the perceived "peace of mind" the guy could still end up with over $1mil in free bitcoin. There's no way of determining who the "whales" are on that list (aside from the 1 bill.gates email) because their BTC addresses aren't shown.

It's not the kind of thing I would go for but I can see people in 3rd world countries drooling over this list.
__________________
____________
_______
___
Reply With Quote
The Following User Says Thank You to phaz0rz For This Useful Post:
rsot (12-23-2020)
  #6  
Old 12-22-2020
james_112233's Avatar
Senior Member
 
Join Date: Mar 2017
Posts: 2,388
Thanks: 648
Thanked 560 Times in 421 Posts
Activity: 19%
Longevity: 41%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

It's like winning the lottery in a sick twisted way.
Reply With Quote
  #7  
Old 12-22-2020
e2free's Avatar
Executive [VIP]
 
Join Date: Dec 2014
Posts: 3,329
Thanks: 483
Thanked 623 Times in 558 Posts
Activity: 14%
Longevity: 54%
iTrader: (23)
Default Re: Ledger hack - 270,000+ customers doxxed

Haha I did had email other day
Your Device has been disabled.

Unfortunately, due to the new KYC policy, you are required to pass identification:

https://docs.google.com/document/d/e...?embedded=true

Support Team.
89-P8XM8S57XS QT8257
Reply With Quote
  #8  
Old 12-22-2020
phaz0rz's Avatar
Executive [VIP]
Threadstarter  
 
Join Date: Nov 2015
Posts: 10,840
Thanks: 2,082
Thanked 4,025 Times in 3,012 Posts
Activity: 5%
Longevity: 49%
iTrader: (2)
Send a message via ICQ to phaz0rz Send a message via AIM to phaz0rz Send a message via Yahoo to phaz0rz
Default Re: Ledger hack - 270,000+ customers doxxed

^^I see. So somebody created a spoof site to target the people in this email.. I guess.

So I guess your info is on the list, e2?
__________________
____________
_______
___
Reply With Quote
  #9  
Old 12-22-2020
Mayhard's Avatar
Senior Member
 
Join Date: Jun 2017
Posts: 500
Thanks: 81
Thanked 26 Times in 19 Posts
Activity: 10%
Longevity: 40%
iTrader: (37)
Default Re: Ledger hack - 270,000+ customers doxxed

Quote:
Originally Posted by james_112233 View Post
It's like winning the lottery in a sick twisted way.
Where do you see a success in this?

It's just a list of emails who has bought a ledger device at some time.
Reply With Quote
  #10  
Old 12-22-2020
james_112233's Avatar
Senior Member
 
Join Date: Mar 2017
Posts: 2,388
Thanks: 648
Thanked 560 Times in 421 Posts
Activity: 19%
Longevity: 41%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

Quote:
Originally Posted by Mayhard View Post
Where do you see a success in this?

It's just a list of emails who has bought a ledger device at some time.
Not just a list of emails if those emails are also used on facebook, linkedin etc. You can track down people with their email addresses these days.

And then the social engineering begins.

I'm not a scammer so I don't know exactly what you could do, but i'm fairly sure there are many things you can do.
Reply With Quote
  #11  
Old 12-22-2020
e2free's Avatar
Executive [VIP]
 
Join Date: Dec 2014
Posts: 3,329
Thanks: 483
Thanked 623 Times in 558 Posts
Activity: 14%
Longevity: 54%
iTrader: (23)
Default Re: Ledger hack - 270,000+ customers doxxed

Quote:
Originally Posted by phaz0rz View Post
^^I see. So somebody created a spoof site to target the people in this email.. I guess.

So I guess your info is on the list, e2?
Yes and it is available to download on the forum its crazy it contains name email.phone number address etc
Reply With Quote
  #12  
Old 12-22-2020
Beautiful's Avatar
Executive [VIP]
 
Join Date: Jul 2018
Posts: 4,719
Thanks: 960
Thanked 829 Times in 724 Posts
Activity: 24%
Longevity: 34%
iTrader: (8)
Default Re: Ledger hack - 270,000+ customers doxxed

Lots of emails/name/addresses have been leaked

if you bought a ledger, watch out for phishing emails, many people are receiving them

you can check here if your information was leaked

1. https://haveibeenpwned.com/
2. https://intelx.io/?did=8761746e-d333...d-9100c8722799

--------

Learn from their mistake, if you're going to order a hardware wallet in the future

1. Use a fictitious email + fictitious name, if you're having it mailed to your home

2. Ideally you want to get yourself a business UPS box, that has no ties to your name or ties to where you live

--------

Ledger has shown in the past to be greedy over having integrity, go for an open source wallet like trezor or coldcard if you're a little more tech savvy

Here's a great site with tons of resources: https://www.lopp.net/bitcoin-informa...d-wallets.html

Last edited by Beautiful; 12-22-2020 at 08:18 PM.
Reply With Quote
The Following 3 Users Say Thank You to Beautiful For This Useful Post:
james_112233 (12-23-2020), phaz0rz (12-22-2020), rsot (12-23-2020)
  #13  
Old 12-22-2020
phaz0rz's Avatar
Executive [VIP]
Threadstarter  
 
Join Date: Nov 2015
Posts: 10,840
Thanks: 2,082
Thanked 4,025 Times in 3,012 Posts
Activity: 5%
Longevity: 49%
iTrader: (2)
Send a message via ICQ to phaz0rz Send a message via AIM to phaz0rz Send a message via Yahoo to phaz0rz
Default Re: Ledger hack - 270,000+ customers doxxed

That's an insightful post, amazon guy.

Quote:
Originally Posted by Mayhard View Post

It's just a list of emails who has bought a ledger device at some time.
Except that it also includes the buyer's home address, phone number, and real name.
When people order physical products to be shipped to them they usually provide their real info.. and that's the problem here.
__________________
____________
_______
___
Reply With Quote
The Following User Says Thank You to phaz0rz For This Useful Post:
J_Rittenmouse (04-20-2021)
  #14  
Old 12-23-2020
james_112233's Avatar
Senior Member
 
Join Date: Mar 2017
Posts: 2,388
Thanks: 648
Thanked 560 Times in 421 Posts
Activity: 19%
Longevity: 41%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

Quote:
Originally Posted by Beautiful View Post
Lots of emails/name/addresses have been leaked

if you bought a ledger, watch out for phishing emails, many people are receiving them

you can check here if your information was leaked

1. https://haveibeenpwned.com/
2. https://intelx.io/?did=8761746e-d333...d-9100c8722799

--------

Learn from their mistake, if you're going to order a hardware wallet in the future

1. Use a fictitious email + fictitious name, if you're having it mailed to your home

2. Ideally you want to get yourself a business UPS box, that has no ties to your name or ties to where you live

--------

Ledger has shown in the past to be greedy over having integrity, go for an open source wallet like trezor or coldcard if you're a little more tech savvy

Here's a great site with tons of resources: https://www.lopp.net/bitcoin-informa...d-wallets.html
Just checked that first site pwned and my primary email address has been leaked through 7 DATA BREACHES including MONEYBOOKERS and BLACKHATWORLD ... wow !

But I have to admit google's done a fairly fantastic job filtering the spam and putting them in to my spam box.
Reply With Quote
  #15  
Old 12-23-2020
Soundofsilence's Avatar
Senior Member
 
Join Date: Jul 2020
Posts: 306
Thanks: 117
Thanked 59 Times in 51 Posts
Activity: 0%
Longevity: 22%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

Quote:
Originally Posted by Beautiful View Post
Lots of emails/name/addresses have been leaked

if you bought a ledger, watch out for phishing emails, many people are receiving them

you can check here if your information was leaked

1. https://haveibeenpwned.com/
2. https://intelx.io/?did=8761746e-d333...d-9100c8722799

--------

Learn from their mistake, if you're going to order a hardware wallet in the future

1. Use a fictitious email + fictitious name, if you're having it mailed to your home

2. Ideally you want to get yourself a business UPS box, that has no ties to your name or ties to where you live

--------

Ledger has shown in the past to be greedy over having integrity, go for an open source wallet like trezor or coldcard if you're a little more tech savvy

Here's a great site with tons of resources: https://www.lopp.net/bitcoin-informa...d-wallets.html

Thanks for the site, I just came to know that my data was breached 3 times in last 3 years and I just came to know about it when I read your message and checked (haveibeenpwned.com)

going to signup for some password managers any recommendation which is better than lastpass.com ?
Reply With Quote
  #16  
Old 12-23-2020
Soundofsilence's Avatar
Senior Member
 
Join Date: Jul 2020
Posts: 306
Thanks: 117
Thanked 59 Times in 51 Posts
Activity: 0%
Longevity: 22%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

I was just researching whether to get ledger or trezor and when I typed in google ledger and on top there was a hack news posted an hour ago so I placed order on trezor and then I found this post here on forum.

I'm so lucky because If I was an hour earlier on making decision then I would have paid ledger to get hardware wallet. :D
Reply With Quote
  #17  
Old 12-23-2020
phaz0rz's Avatar
Executive [VIP]
Threadstarter  
 
Join Date: Nov 2015
Posts: 10,840
Thanks: 2,082
Thanked 4,025 Times in 3,012 Posts
Activity: 5%
Longevity: 49%
iTrader: (2)
Send a message via ICQ to phaz0rz Send a message via AIM to phaz0rz Send a message via Yahoo to phaz0rz
Default Re: Ledger hack - 270,000+ customers doxxed

lol well in all fairness, they've probably patched up whatever caused this breach by now.
__________________
____________
_______
___
Reply With Quote
The Following User Says Thank You to phaz0rz For This Useful Post:
J_Rittenmouse (04-20-2021)
  #18  
Old 12-23-2020
Soundofsilence's Avatar
Senior Member
 
Join Date: Jul 2020
Posts: 306
Thanks: 117
Thanked 59 Times in 51 Posts
Activity: 0%
Longevity: 22%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

That is true as only personal informations were leacked and bitcoin were secure all the time unless non-tech person becomes victim of phishing scam.

Still I doubt now and will prefer trezor as it's open source completely.

Yes, I know ledger device seems to be secure unless some hacker has physical access to it.

All hardware wallets were successfully hacked with physical access to it by profestionals using weird methods as per kaspersky daily article.

I was surprised to read about the method of hacking trezor wallet by looking into ram while it's going through firmware update.

Here is the link :

https://www.kaspersky.co.in/blog/har...-hacked/15027/
Reply With Quote
  #19  
Old 12-23-2020
phaz0rz's Avatar
Executive [VIP]
Threadstarter  
 
Join Date: Nov 2015
Posts: 10,840
Thanks: 2,082
Thanked 4,025 Times in 3,012 Posts
Activity: 5%
Longevity: 49%
iTrader: (2)
Send a message via ICQ to phaz0rz Send a message via AIM to phaz0rz Send a message via Yahoo to phaz0rz
Default Re: Ledger hack - 270,000+ customers doxxed

My question : why even use a hardware wallet when using an encrypted software wallet (electrum) is just as secure? Maybe more secure because you don't have to provide your real information to a company in order to have a device shipped to you.

Yes it's true you could have a hardware wallet shipped to a business address like beautiful said but most people won't do that. It seems like hardware wallets could be used as a way of identifying bitcoin users. Regardless of who you order it from, you're buying from a company who's going to store your info in a database, like Ledger.
__________________
____________
_______
___
Reply With Quote
The Following 2 Users Say Thank You to phaz0rz For This Useful Post:
J_Rittenmouse (04-20-2021), Soundofsilence (12-23-2020)
  #20  
Old 12-23-2020
Soundofsilence's Avatar
Senior Member
 
Join Date: Jul 2020
Posts: 306
Thanks: 117
Thanked 59 Times in 51 Posts
Activity: 0%
Longevity: 22%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

Quote:
Originally Posted by phaz0rz View Post
My question : why even use a hardware wallet when using an encrypted software wallet (electrum) is just as secure? Maybe more secure because you don't have to provide your real information to a company in order to have a device shipped to you.

Yes it's true you could have a hardware wallet shipped to a business address like beautiful said but most people won't do that. It seems like hardware wallets could be used as a way of identifying bitcoin users. Regardless of who you order it from, you're buying from a company who's going to store your info in a database, like Ledger.
I was not aware that it's that much secure and it's encrypted, I used it today for the 1st time and transacted once but very small amount for testing purposes. I'll do more research. Thanks
Reply With Quote
  #21  
Old 12-23-2020
Junior Member
 
Join Date: Nov 2017
Posts: 85
Thanks: 14
Thanked 3 Times in 3 Posts
Activity: 0%
Longevity: 38%
iTrader: (0)
Default Re: Ledger hack - 270,000+ customers doxxed

Quote:
Originally Posted by phaz0rz View Post
That's an insightful post, amazon guy.


Except that it also includes the buyer's home address, phone number, and real name.
When people order physical products to be shipped to them they usually provide their real info.. and that's the problem here.
I can't find the list of names and addresses , but I can see my email. Are you sure,
is there a link?
.
Reply With Quote
Reply



Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
hack on selling eb acc and paypal oompaloompa UK eBay & Paypal 14 02-28-2016 03:14 PM


Aspkin Group

All times are GMT -5. The time now is 03:45 PM.


Stop the guessing games and learn how you can quickly and easily get back on eBay today!
Read the best selling step-by-step eBay Suspension guide eBay Stealth!
Amazon Suspension? Read Amazon Ghost to get back on Amazon!
vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Ad Management by RedTyger
no new posts

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58