For the past 48hrs I've been unwinding a massive wallet draining operation
I don't know how big it is but since Dec 2022 it's drained 5000+ ETH and ??? in tokens / NFTs / coins across 11+ chains.
It's rekt my friends & OGs who are reasonably secure.
No one knows how. pic.twitter.com/MafntG7RkP
— Tay (@tayvano_) April 18, 2023
I don't know anymore, but is this person talking of ETH being drained out of hardware wallets?
This is a big claim to make if true. I don't believe that these affected users had not put their seed directly into MM or whatnot.
Can anyone from Ledger tell me, does this post hold any weight?
If you had certain allowances on, say, an ETH address connected to MetaMask, wouldn’t they still need access to the hardware wallet to approve any movement of assets on the address?
I don’t understand why you think it’s about hardware wallets when the tweet doesn’t mention anything like that, and the tweet even says ‘no idea how’…
And mentioning that, the “no one knows how”…
The “hacks” mentioned in that tweet involve software wallets, which are vulnerable to being compromised by malware.
Some malware could have gathered data a while ago, that they just exploited recently.
For all the words in that thread, it’s still very fuzzy what the attacks actually are.
But there’s no mention that hardware wallets are being drained in there.
To the contrary, one of the pieces of advice given is “Get a hw wallet”, so that would hint the author doesn’t believe a properly secured hardware wallet would be at risk from whatever this is.
Still, it’s at least a little funny to think that all those impacted “OGs” would not be using hardware wallets, so maybe that’s why you assumed they were impacted.
Or maybe it was the “If you are reading this, you’re the type to be drained by this.”
IDK. The whole thing has a weirdly high ratio of sensationalism/signal, but hopefully that’s just a twittish attempt to get some attention on this in order to get more details from victims and put together a better picture.
It’s primarily software wallets which are impacted. Root causes are pure speculation at the moment. It could possibly be the breach of LastPass from last year, since a lot of people do store their private key in password managers as backup.
Once your seed is exposed, HW wallet or not, it’s irrelevant, everything will be gone.
Maybe someone is using quantum computing to break the cryptography.
Also discussion that the OG created the malware to mimic a boating accident.