Hacker Sells Tens of Thousands of Ledger, Trezor, and Keepkey Users’ Info

Published at: May 24, 2020

The hacker that breached the Ethereum.org forum is allegedly selling the databases for the three most-popular crypto hard wallets — Ledger, Trezor, and KeepKey.

The three databases contain the name, address, phone number, and email for more than 80,000 users combined; however, they do not contain passwords for the accounts.

The hacker has also recently listed the SQL database for online investment platform, BnkToTheFuture.

Ledger and Trezor databases reportedly compromised

On May 24, cyber crime monitoring website, Under the Breach, spotted the hacker’s new listings for the databases of the top hardware wallet providers.

The hacker claims to be in possession of account information corresponding to nearly 41,500 Ledger users, over 27,100 Trezor users, and KeepKey’s 14,000 customers.

Chat logs posted to Twitter indicate that the data was stolen by exploiting a vulnerability in the popular e-commerce website platform Shopify.

However, a Shopify spokesperson told Cointelegraph that an internal investigation “found no evidence to substantiate” the hacker’s claims, “and no evidence of any compromise of Shopify’s systems.”

Hacker adds to bazaar of crypto account info

The hacker is now advertising the databases of 18 virtual currency exchanges and forums, in addition to the email lists of two crypto tax platforms.

The databases include the full SQL for Korean exchange Korbit spanning 4,500 users, three databases for Mexican trading platform Bitso, and the complete account information including passwords for blockchain platforms Blockcypher, Nimirum, and Plutus.

The hacker specifies he is only interested in premium bids, stating: “Don’t offer me low dolar, only big money allowed.”

A Bitso representative told Cointelegraph that its response protocols have so far “not found evidence that a third party has sufficient information to access our customers’ accounts.” The exchange’s cyber security team is currently in the process of further investigations into the veracity of the information published.

KYC platforms comprise honeypot for hackers

Last week, BlockFi reported a data breach resulting from a SIM-swap attack. Customers’ full names, email addresses, dates of birth, and physical addresses were leaked. Client funds were not impacted.

At the end of April, Etana, a custody firm that provides services to Kraken, also suffered a data breach that did not see any customer funds lost.

Update: This article was updated on May 25 to include comments from a Shopify representative and a Bitso spokesperson refuting that the firm’s systems were compromised.

 
