$34 000 USD

JANUARY 2018

GLOBAL

LEDGER

DESCRIPTION OF EVENTS

"Based in France, Ledger is the largest cryptocurrency hardware wallet company." "Ledger is a hardware cryptocurrency wallet that is used to store, manage, and sell cryptocurrency. The funds held in these wallets are secured using a 24-word recovery phrase and an optional secret passphrase that only the owner knows."

 

"Ledger offers two products, the Nano S and Nano X, that can store the digital keys used to secure crypto wallets. The devices can be used with a variety of cryptocurrencies, are compatible with numerous apps, and are supposed to offer a safe way to manage crypto without compromising too much on convenience. Ledger says on its website that it has sold 1.5 million products to customers in 165 countries to date."

 

"The seller didn't "compromise the package", he opened a simple box, set up a new seed on the Ledger with the PIN "5555", made a convincing card to go in the box that includes the seed on a scratch off and directions to use, then put it all back in the box like it was never opened."

 

"My Ledger Nano S arrived today and I noticed some weird things about this one compared to YouTube tutorials I've seen before purchasing that have me a little concerned."

 

"[A] scam Ledger Nano (bought on eBay) came with a "scratch off" paper, to reveal the seed words. With a real Ledger Nano, the seed words are generated by the device." "Custom scratch offs... wow. I realize not much effort to do it, but enough to trick someone."

 

"The Ledger he bought was (almost certainly) the real device, not a fake. The scammer initialised the device and generated the seed on the device before sending it to the victim. The victim, not knowing any better, used this pre-made, compromised seed."

 

"Had [t]he victim reset the device when he got it (getting a new 24 word seed) then he would have been perfectly fine."

 

"The first is when I started the device for the first time, it didn't ask me if I wanted to set up the device as new or restore an old one. Not only that, the PIN was set to 5555 as stated on the welcome card. It also didn't give me the seed words and they appear to be on a "scratch card" included with the device. The paperwork looks legit but I wiped the device and set it up again to be safe. It also works with the Chrome Apps fine."

 

"I have not used my Ledger in a week, today I decided to check the value of my XRP, Litecoin and Dash only to discover that all of them showed up as zero and had been transferred somewhere else yesterday all around the same time at 7:30pm. I am not sure how this is possible as I have not accessed my Ledger in a week. I do not know what to do as the total value is over £25000, has my currency been stolen or is it something else? I am at a loss here and right now feel so physically sick. Someone please help."

 

Ledger responded: "Please contact us directly by PM with your email. We'll put you in touch with our General Counsel so we can help you file a formal criminal complaint and bring the eBay seller to justice."

Ledger hardware wallets were being resold through eBay, with the company insisting these were safe to purchase. Criminal resellers initialized seed phrases on the hardware wallets and created fake instructions complete with scratch-card seed words. As a result, customers received official wallets with seed phrases already provided. It appears that at least one user got scammed and lost funds, though the details are not known.

HOW COULD THIS HAVE BEEN PREVENTED?

The safest strategy is to always buy the hardware wallet directly from Ledger and always be sure to initialize it with a newly generated seed phrase. While it is unlikely that someone who had tampered with a Ledger device would also send a seed phrase with the package, anything is possible.
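Why a pre-supplied seed phrase is compromised no matter what PIN is set, shown as an added example that is not code from Ledger or from the original page. It assumes the wallet derives keys the way the public BIP-39 and BIP-32 standards describe; the two phrases and the function names are constructed for illustration.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample phrases: one stands in for the words printed on the
# scratch card, the other for a phrase generated after resetting the device.
SCRATCH_CARD_WORDS = " ".join(["abandon"] * 23 + ["art"])
FRESH_WORDS = " ".join(["zoo"] * 23 + ["vote"])


def bip39_seed(mnemonic, passphrase=""):
    """BIP-39 seed: PBKDF2-HMAC-SHA512 over the words, 2048 rounds, 64 bytes."""
    words = unicodedata.normalize("NFKD", " ".join(mnemonic.split()))
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase)
    return hashlib.pbkdf2_hmac("sha512", words.encode("utf-8"),
                               salt.encode("utf-8"), 2048, dklen=64)


def bip32_master(seed):
    """BIP-32 master node: HMAC-SHA512 keyed with b"Bitcoin seed"."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    return digest[:32], digest[32:]  # (master private key, chain code)


def wallet_root(mnemonic, passphrase="", device_pin=None):
    # device_pin is accepted only to make the point explicit: the PIN unlocks
    # the device locally and is never an input to key derivation.
    return bip32_master(bip39_seed(mnemonic, passphrase))


def compare_roots():
    """Derive the root key as the reseller, the buyer, and after a reset."""
    reseller = wallet_root(SCRATCH_CARD_WORDS)
    buyer = wallet_root(SCRATCH_CARD_WORDS, device_pin="5555")
    after_reset = wallet_root(FRESH_WORDS, device_pin="5555")
    return {
        "reseller_has_buyer_keys": reseller == buyer,
        "reset_gives_new_keys": after_reset != reseller,
    }


if __name__ == "__main__":
    for check, result in compare_roots().items():
        print(check, result)
```

Anyone who has seen the words can recompute the same root key on any computer, without the device, which is why wiping the wallet and generating a new phrase is the only fix.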

 

When setting up a new wallet of any sort, it is also a good practice to only transfer a small quantity of funds first, transferring the rest if those funds remain safe. This minimizes damage from any theft incident involving immediate removal of the funds. Advanced users may also set up a multi-sig with hardware wallets from different manufacturers all required to sign the outgoing transaction. You should also test the wallet to make sure that you can withdraw funds and didn't make a mistake in the setup.

 

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.