Fake Ledger-Trezor Merger Email Steals Crypto Recovery Phrases
Posted inCybersecurity Tech News

Fake Ledger-Trezor Merger Email Steals Crypto Recovery Phrases

No Comments

> At a Glance

> – Phishers impersonate Ledger and Trezor merger after Global-e breach

> – Leaked order data personalizes convincing fake emails

> – Users told to “migrate” wallets by entering 24-word seed on spoof site

> – Why it matters: One typed recovery phrase equals total wallet drain

A January 5 breach at Ledger’s e-commerce vendor Global-e is already fueling a slick new phishing wave. Attackers blend stolen names, emails, phone numbers and order specifics with a bogus claim that Ledger and Trezor have merged.

How the Scam Works

The email opens with corporate cheer:

> “We are pleased to announce that after months of strategic discussions, Ledger and Trezor have finalized a merger agreement. This landmark partnership unites two industry leaders…”

Victims are then urged to “migrate” their assets by typing their 24-word recovery phrase into a look-alike site. One submission hands full wallet control to the thieves.

Fallout From the Global-e Hack

users

Global-e confirmed only contact and order details leaked, not private keys. Still, that data is gold for spear-phishers.

  • Personalized greetings and real order numbers lower suspicion
  • Fake domain mimics official branding
  • No request for payment-just the recovery phrase
Response So Far Status
Global-e Internal probe underway with outside cyber firm
Ledger Notified regulators and law enforcement
Trezor Publicly disavows the merger claim

Ledger’s Repeat Breach History

This isn’t Ledger’s first data drama. Past incidents include:

  • 2020: E-commerce breach exposed 272,000+ customer records
  • Same year: Rogue Shopify worker leaked 20,000 entries
  • 2023: Supply-chain attack slipped wallet-draining code into dApp library, stealing ~$600k

Public backlash after the 2020 leak spurred a class-action suit naming both Ledger and Shopify.

Key Takeaways

  • Ledger and Trezor have not merged-treat any such email as fake
  • Never type your 24-word seed into any website, no matter the reason
  • Verify news through official Twitter/X accounts or in-app alerts
  • If you entered the phrase, move funds to a new wallet immediately

Stay alert: leaked order info makes old-school typos and generic greetings disappear, raising the bar on what feels “real.”

Author

  • My name is Marcus L. Bennett, and I cover crime, law enforcement, and public safety in Los Angeles.

    Marcus L. Bennett is a Senior Correspondent for News of Los Angeles, covering housing, real estate, and urban development across LA County. A former city housing inspector, he’s known for investigative reporting that exposes how development policies and market forces impact everyday families.

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *