Under the Breach Cybercrime Experts Say Trezor and Ledger Crypto Wallet User Databases for Sale

News
Sun, 05/24/2020 - 14:22
Vladislav Sopov
The Israeli-based cybersecurity team Under the Breach reported that someone sold the Trezor and Ledger wallet databases and the Bank To The Future investment platform.
Cover image via stock.adobe.com
Contents

Today, the Under the Breach team, which addresses the cybercrime investigations sphere, published screenshots of dialogues with a hacker pretending to own the databases of two of the world-leading hardware wallets - Ledger and Trezor. 

Aftermath of Shopify Exploit?

According to investigators, the malefactor posted his announcements on a forum. He claims to have hijacked the databases of numerous crypto-related products including Trezor, Ledger, and KeepKey hardware wallets, as well as the Bitso payment provider and Ethereum.org forum.

The hacker also pretended to obtain a SQL dump of investors from the Bank To The Future platform. As per the Jabber conversation with this mysterious cybercrook, the individual accessed the sensitive databases through a critical flaw in Shopify's data storage infrastructure.

Whoever he/she is, this person demonstrated an insane thirst for money. He advertised his message as 'BIG MONEY ONLY' and was very selective about the clients (spelling of the original is kept):

Don't offer me low dolar, only big money allowed

It May Not Be That Bad

While the hacker demonstrated his/her knowledge of obtaining information from databases, some of the alleged 'victims' have already denied the fact that their clients' data was leaked.

The Ledger team was the first to announce that the malefactor may have been bluffing:

The producers of cutting-edge hardware crypto wallets started their own investigation and have disclosed that the files for sale do not match the real Ledger database.

Trezor's e-commerce team also started an investigation, and its representatives announced that they do not use Shopify.

About the author

Blockchain Analyst & Writer with scientific background. 5+ years in IT-analytics, 2+ years in blockchain.

Worked in independent analysis as well as in start-ups (Swap.online, Monoreto, Attic Lab etc.)


This site uses cookies for different purposes. Please set your preferences in Cookie Settings and visit our Cookie policy for more information on how and why cookies are used on this site. Click here for cookie policy

Cookie settings