Always take in consideration non of this information is financial advice or official announcement from any specific project, I’m no financial advisor, trader or expert, this is just my personal opinion on certain project mention on this article, cryptocurrencies are extreme high risk assets and you must do you own research, never follow what I or other people say on internet
Ledger Users In Danger - Irony behind a hardware wallet
In my three years in crypto I have done KYC a couple of times, I have always thought this is something that might fire back depending on how tight is the security of the company that holds my data, most of the time the data and KYC process is not done by the site you are applying too so you really don't know who you sending your information too, the Know Your Customer process requires sensitive data as an individual and just by mentioning crypto next to the KYC process if this data is leak anyone who gets a hold to your data will immediately assume you own crypto, it is the case to the Ledger Database Dump.
The Ledger Database Hack was early this year on June, we have seen many attempts by scammers and hackers get people data through phishing emails, domains, you tube live streams and many others, its funny how this is a hack that never actually affect the integrity of the hardware wallet itself but its sounds, to the point that now Ledger users are being threat by other people asking for $500 if not will be located and face harm.
Early today I saw this picture while I was making line to buy a few hard drivers.
Immediately I knew this was fake but also thought would be nice if the Glock is like the carrying case of the Ledger Nano, then as I start to open crypto blogs I notice this article by Cointelegraph been repost many times
"Doxxed Ledger users in danger of physical harm "
https://cointelegraph.com/news/doxxed-ledger-users-in-danger-of-physical-harm
Everytime we go through a KYC process this is a risk we are accepting, now is up to you to send out your documents only if the service is really necessary, to be hones I only do KYC if I know I'm going to make sums of crypto that I don't want to let the opportunity pass but for a hardware wallet that's kind of ridiculous, Ledger said this is for the purchase process and shipping that makes sense but keeping the data is the part I don't share, shipping data should be destroy once the package has been deliver, this is not the first time we see phishing and hacks around hardware wallets.
According to Ledger the publicly announce there are around 272,000 users approximately that were exposed on this data breach, usually they will give out one-third of the real number so lets sit on 1 million users, I never believe this data release by companies that were hacked, between the data that was release:
First Name
Last Name
Phone Number
Postal address
It makes me feel sad for all those people who are going to be affected by this data breach based on the irony they were looking for a device created by a company, it's not cheap at $145 USD before shipping, to become victims of hackers and now dead threats, not only that they are going through this situation they now don't know what to trust online, they don't trust Ledger domains because we have seen this type of phishing attempts too, they don't trust Ledger email and the device that didn't actually fail that they are supposed to trust who knows if it is or is going to be compromise.
Ledger have also mention those who were identified on the data breach will receive an email as a notification, as part of the campaign Ledger has a page on their site that list all the possible phishing attempts they have been able to identify and many users have already report
https://www.ledger.com/phishing-campaigns-status
A tool that have used for many years now with my clients as an IT is the website haveibeenpwned.com, a website created by Troy Hunt
"I'm Troy Hunt, a Microsoft Regional Director and Most Valuable Professional awardee for Developer Security, blogger at troyhunt.com, international speaker on web security and the author of many top-rating security courses for web developers on Pluralsight. "
The ledger data dump is not the first one that HIBP has been tracking and if you look at the amount of accounts they have been able to identify at the bottom of their page from the Ledger case it's over a 1 million, this was hilarious because as I'm writing this article I open the site and there was the Ledger accounts number identify, meaning never ever trust a company that has been hacked again, I got a few emails that appear on this website due to service like forums and Dropbox.
On the main page you can look up your email to find out if it appear on any of the database they hold https://haveibeenpwned.com/ or you can also check if any of the passwords you use has been on any hacked database https://haveibeenpwned.com/Passwords , I also suggest if you would like to keep inform of recent large data breach follow on twitter @hrock or his blog https://underthebreach.com , @hrock has been someone who have post many useful and interesting content about security breach of many companies in the past as he did with the Ledger case.
Few weeks back this year I made a post "HOW TO KEEP YOUR BITCOIN SAFE SIMPLE AND PLAIN"
https://peakd.com/blog/@cryptoxicate/how-to-keep-your-bitcoin-safe-simple-and-plain
It's a bit complicated for new users but on this article I explain how painful could be to keep your security tight by using a mix of security measures and some of them still analog.
To this leak of information many crypto experts and OG have come together to instruct users affected what can they do to avoid this type of inconvenience in the future and to somewhat stay safe, to be honest once you can be physically located things escalate it's not digital anymore, we talking kidnap, blackmail, guns, you name it, with crypto going so high lately.
Steps to follow:
- New phone (device itself not just phone number)
- New carrier
- New phone number
- Safe deposit for hardware wallet
- Transfer crypto to new wallets, more than one
- New email address
- NO SMS I REPEAT NO SMS AUTHENTICATION
- New 2FA device
- For exchanges use hardware 2FA, Yubikeys
- Use 2FA for everything, WITHOUT SMS AUTHENTICATION
It's a very delicate situation, the entire debate of DOXX OR NOT TO DOXX is an old debate on twitter by the crypto community, it all depend if besides been just a crypto investor you want to someone express your opinion in such open space, sometimes people value others opinion if they show their face it gives some sort of confidence in the person.
Anyways its very sad what is happening now in the space, since 2017 I have seen many hacks, scams and we even saw the 2018 kidnaps when Bitcoin hit $20k, things are repeating but the craze will be worst I think, Euphoria is not here yet, we are just seen institutions going crazy for Bitcoin like Microstrategy who is buying all dips and publicly declaring it, try to always avoid KYC and have certain respect for technology, time will come when your privacy will have a higher value than any other token you may have on your hardware wallet.
Stay safe
If you like the content please share and subscribe on any of the social networks below or use any of my referral links from down below.
Good Luck, Thanks
👇🏻Consider Supporting the channel by using my affiliate links👇🏻
CLICK HERE FOR CRYPTO LOAN: https://celsiusnetwork.app.link/10474294f5
CLICK HERE TO TRADE: https://www.binance.com/en/register?ref=LOEHBWXR
CLICK HERE FOR VPS: https://www.vultr.com/?ref=8653830
LINKS:
► Start Trading Altcoins: https://bit.ly/startaltcointrading
► Start Mining: http://bit.ly/2LPfJly
► Start Trading Stocks: https://ftx.com/#a=604743
More of my content
LBRY: https://lbry.tv/@cryptoxicate
Hive: https://peakd.com/@cryptoxicate/posts
Publish0x: https://www.publish0x.com/@CRYPTOXICATE
Youtube: http://bit.ly/CRYPTOXICATEYT
Website: https://Cryptoxicate.com
Music: https://bit.ly/GREATCREATORMUSIC
CLICK HERE TO RENT MINER: https://www.miningrigrentals.com/register?ref=44378
DISCLAIMER: The information Cryptoxicate.com or its media channels not limited to Twitter, Telegram, Discord, Instagram, Facebook, or any upcoming social media platform or internet search engine results is not financial advice. This information is for informational and entertainment purposes only. Any information provided are only and simple thoughts and opinions, you must not follow any of this thoughts and look for a professional financial advisor since we are not any type of advisors. Dont not get into crypto currencies since its a high risk investment if you do not have the proper guidance and any investment that you made is your own responsibility and no one else.
#bitcoinhalving #bitcoin #ethereum #cryptocurrency #blockchain #crypto #tron #nuls #hive #binance
Esta publicación ha recibido el voto de @blurthispano, una iniciativa dedicada a promover el contenido de calidad de la comunidad hispanohablante . Te invitamos a usar el tag #blurthispano. Nos puedes encontrar en Discord
Vota por nosotros como Testigo (Witness) en el siguiente enlace Testigo / Witness