A Ledger admin account was hacked to issue a fake warning.
Users were tricked into clicking phishing links.
Seed phrases were stolen, leading to asset loss.
In a recent security breach, a community administrator’s account at Ledger, a leading hardware wallet company, was compromised by a malicious actor. The attacker used the admin’s identity to post an alarming—but fake—security vulnerability notice. Disguised as an official Ledger message, the fraudulent warning urged users to protect their assets by clicking a link, which turned out to be a phishing trap.
This scam led many unsuspecting users to a malicious site that requested their wallet seed phrases—the most critical piece of information for crypto security. Those who entered their details unknowingly handed full access to their wallets to the attacker, resulting in the theft of their crypto assets.
How the Scam Unfolded
The attacker took advantage of the trust placed in Ledger’s community moderators. By mimicking the style and urgency of a real Ledger announcement, the hacker crafted a believable post that instructed users to “update their wallet security” via a provided link. The link led to a cloned website designed to steal seed phrases.
Many users acted quickly, thinking they were responding to a real threat. However, the speed and believability of the scam meant that by the time it was exposed as a fraud, losses had already occurred.
An attacker hacked into the account of a community administrator of the hardware wallet company Ledger, impersonated the official to issue a false security vulnerability warning, and induced users to click on phishing links to submit their seed phrases, thereby stealing assets.…
— Wu Blockchain (@WuBlockchain) May 12, 2025
Stay Safe: What Users Should Know
Ledger has since confirmed the hack and is investigating the breach. The company emphasized that users should never share their seed phrases—no legitimate service will ever ask for them, even in emergencies.
To avoid falling victim to such scams in the future, users are encouraged to:
Only follow updates from official Ledger channels.
Never click on links shared by individuals, even moderators, unless verified.
Regularly check for phishing alerts from trusted crypto security sources.
As the crypto space grows, so do the tactics of attackers. Vigilance remains the most powerful defense.
Read Also :
Ledger Phishing Attack Hits Users Through Compromised Admin
$774M in Crypto Token Unlocks Coming This Week
Bitcoin Whale Adds 1,721 BTC Worth $179M in 2 Days
Want Speed, Scale, and Security? Qubetics, Polkadot, and Flare Are the Best Cryptos to Join Today
Metaplanet Buys 1,241 BTC in Bold Crypto Move
