U.S. Authorities Recover $600K from Ledger Phishing Scam
Severity: Medium (Score: 48.9)
Sources: Kucoin, Decrypt.Co
Summary
The U.S. Attorney's Office for the District of Connecticut has recovered over $600,000 in cryptocurrency linked to a phishing scam that targeted a Ledger hardware wallet user in September 2025. The victim was tricked into responding to a fraudulent message impersonating 'Ledger Security and Compliance,' leading to the theft of approximately $234,000 in crypto assets. The FBI and state police traced the stolen funds, resulting in the seizure of approximately $600,000 in USDT stablecoin. This incident is part of a broader trend of phishing attacks aimed at hardware wallet users, employing tactics such as physical mail featuring company logos and QR codes to enhance credibility. The ongoing phishing campaigns are fueled by data breaches and vulnerabilities in third-party services, affecting multiple hardware wallet manufacturers. The recovery of funds was achieved through a civil forfeiture action alleging wire fraud and money laundering. The case highlights the persistent threat of phishing scams in the cryptocurrency space.
Key Points:
- Over $600,000 in cryptocurrency was recovered from a phishing scam targeting Ledger users.
- The scam involved fraudulent messages impersonating Ledger's security team.
- This incident is part of a series of phishing attacks exploiting vulnerabilities in hardware wallets.
Key Entities
- Phishing (attack_type)
- Ledger (company)
- Trezor (company)
- T1566 - Phishing (mitre_attack)