Latest news with #Ledger
CNBC
5 days ago
- Business
- CNBC
Crypto theft is booming as criminals increasingly turn to physical attacks
The value of cryptocurrencies stolen by criminals surged in the first six months of 2025 after a high-profile hack and a wave of physical attacks targeting crypto holders and their relatives. So far this year, $2.17 billion has been stolen from crypto services — already eclipsing the $1.87 billion of funds stolen from platforms in 2024 — and this is expected to reach $4 billion by the end of 2025, according to a report published Thursday by blockchain analysis firm Chainalysis. Overall, the combined value of digital tokens stolen from both crypto platforms and individuals hit more than $2.8 billion and is already approaching the $3.4 billion in crypto stolen last year. The bulk of the funds stolen from services came from February's cyberattack on Dubai crypto exchange Bybit, which saw North Korea-linked hackers make off with $1.5 billion. It's estimated to be the largest crypto heist in history. However, the rise in stolen crypto assets was also driven by a spike in attacks on individual crypto wallets. Personal wallets accounted for over 23% of total thefts, with attackers increasingly turning to physical violence and coercion to access funds, Chainalysis said. In January, David Balland, a co-founder of crypto wallet firm Ledger, was kidnapped with his wife from their home in central France. Before they were freed, the attackers cut off Balland's finger and sent footage of it to his fellow co-founder Eric Larcheveque demanding ransom money. Separately, in May, the father of a crypto entrepreneur was taken in broad daylight by four men wearing ski masks. The kidnappers demanded a ransom of several million euros and cut off one of the man's fingers. He was freed by police days later. Eric Jardine, cybercrimes research lead at Chainalysis, told CNBC that the rise in crypto-related thefts was primarily being driven by increasing crypto adoption and price appreciation. "Adoption means there are more services and users in the crypto ecosystem, making thefts more common. Price appreciation means that services and individuals in crypto have more USD value to lose, even if the total assets stolen are relatively constant over time," Jardine said via email. Jardine suggested that the uptick in attacks on individual crypto holders could relate to the fact that crypto trading services are beefing up their security. "If services become better at security, malicious actors will potentially move to targeting individual wallet holders and trade off a single large-scale heist in favor of a large number of smaller-scale victimizations," he said. Meanwhile, rising wealth accumulated through holdings of cryptocurrencies like bitcoin has resulted in a rise in crypto influencers flaunting their lifestyle on social media platforms. Jardine stressed it was important not to blame the victims of physical crypto-related attacks, adding that "showy displays of wealth can quite obviously attract the attention of a bad actor when compared to a more modest outward facing lifestyle."
Yahoo
5 days ago
- Business
- Yahoo
Mail scams are still targeting Canadians even today – here's what to watch for
As a compliance and anti-fraud professional, Amber D. Scott is no stranger to scams. But even she was surprised to find one waiting in her community mailbox, addressed directly to her. The letter purported to be from Ledger, a maker of cryptocurrency hardware wallets, asking her to scan a QR code to enable a new security feature. If she didn't complete the setup by July 30, the letter says she could lose access to her cryptocurrency. Scott, chairperson of Outlier Compliance Group, says the letter had several hallmarks of legitimacy at first glance. It contained no obvious spelling mistakes, listed devices a recipient might own, included brand logos and provided a signature. It also created a sense of urgency by imposing a deadline, she says. 'There's likely a higher open rate when you get a piece of mail addressed to you,' she added, whereas it's easier to delete an email. The scam Scott encountered is part of a growing trend of increasingly sophisticated fraud targeting Canadians, sometimes even through old-fashioned mail. While many scams have moved online, experts warn that physical letters can appear highly convincing and prey on urgency or fear. Canadians lost over $342 million to fraud in the first six months of 2025, according to Jeff Horncastle, client and communications outreach officer for the Canadian Anti-Fraud Centre (CAFC). Roughly $827,000 of that was a result of mail fraud. In 2024, investment fraud — including cryptocurrency scams — was among the top three fraud types reported to the CAFC, accounting for more than $310 million in losses. While cyber-enabled fraud accounts for about 75 per cent of reported losses to the CAFC, the organization has noted an increase in certain types of mail fraud, such as foreign money offers which include inheritance letters. Mail scams continue to deceive Canadians because they look official, Horncastle says. Printed letters often mimic the formatting and logos of those they're impersonating, and they can include real details, including your name and contact information. Fraudsters may also lure victims with promises of rewards or large amounts of money via what appears to be formal communications, he says. Scott says her approach to anything cryptocurrency related is to assume it's a scam, and then try to disprove that hypothesis. She didn't scan the QR code as advised, and suspects it would have led to a fake Ledger site asking her to download information or enter private keys or seed phrases (a crypto wallet recovery passcode) that would give scammers access to cryptocurrency. Or, it might automatically download malware that steals crypto automatically, she says. Horncastle similarly recommends Canadians not to scan QR codes received through unsolicited messages, which include letters in the mail. Always contact the company or agency by finding their official contact information first — outside of what appears in the letter. When doing so, Scott recommends searchers avoid any websites that don't look familiar. 'People can be less critical when they're evaluating Google search results,' she said. To debunk the scam, Scott also searched online for the suggested 'Ledger transaction check' alongside the word 'scam' and quickly found a warning from Ledger itself. The company confirmed it does not send physical letters to customers, suggesting such scams have circulated before. The scams may possibly be related to a previous data breach involving customer names and addresses, Scott says. She recommends others also search for two related terms + 'scam' when receiving suspicious communications. To break the sense of urgency scams create, Scott recommends taking a beat and talking to other people about what has been received — or find other ways to reflect on how to respond. It will decrease a sense of agitation that could spur a quick reaction. 'This is the challenge of our times,' she said. 'Figuring out what's real and true.' If you suspect a scam, report it to the Canadian Anti-Fraud Centre. Sign in to access your portfolio
Yahoo
5 days ago
- Business
- Yahoo
Mail scams are still targeting Canadians even today – here's what to watch for
As a compliance and anti-fraud professional, Amber D. Scott is no stranger to scams. But even she was surprised to find one waiting in her community mailbox, addressed directly to her. The letter purported to be from Ledger, a maker of cryptocurrency hardware wallets, asking her to scan a QR code to enable a new security feature. If she didn't complete the setup by July 30, the letter says she could lose access to her cryptocurrency. Scott, chairperson of Outlier Compliance Group, says the letter had several hallmarks of legitimacy at first glance. It contained no obvious spelling mistakes, listed devices a recipient might own, included brand logos and provided a signature. It also created a sense of urgency by imposing a deadline, she says. 'There's likely a higher open rate when you get a piece of mail addressed to you,' she added, whereas it's easier to delete an email. The scam Scott encountered is part of a growing trend of increasingly sophisticated fraud targeting Canadians, sometimes even through old-fashioned mail. While many scams have moved online, experts warn that physical letters can appear highly convincing and prey on urgency or fear. Canadians lost over $342 million to fraud in the first six months of 2025, according to Jeff Horncastle, client and communications outreach officer for the Canadian Anti-Fraud Centre (CAFC). Roughly $827,000 of that was a result of mail fraud. In 2024, investment fraud — including cryptocurrency scams — was among the top three fraud types reported to the CAFC, accounting for more than $310 million in losses. While cyber-enabled fraud accounts for about 75 per cent of reported losses to the CAFC, the organization has noted an increase in certain types of mail fraud, such as foreign money offers which include inheritance letters. Mail scams continue to deceive Canadians because they look official, Horncastle says. Printed letters often mimic the formatting and logos of those they're impersonating, and they can include real details, including your name and contact information. Fraudsters may also lure victims with promises of rewards or large amounts of money via what appears to be formal communications, he says. Scott says her approach to anything cryptocurrency related is to assume it's a scam, and then try to disprove that hypothesis. She didn't scan the QR code as advised, and suspects it would have led to a fake Ledger site asking her to download information or enter private keys or seed phrases (a crypto wallet recovery passcode) that would give scammers access to cryptocurrency. Or, it might automatically download malware that steals crypto automatically, she says. Horncastle similarly recommends Canadians not to scan QR codes received through unsolicited messages, which include letters in the mail. Always contact the company or agency by finding their official contact information first — outside of what appears in the letter. When doing so, Scott recommends searchers avoid any websites that don't look familiar. 'People can be less critical when they're evaluating Google search results,' she said. To debunk the scam, Scott also searched online for the suggested 'Ledger transaction check' alongside the word 'scam' and quickly found a warning from Ledger itself. The company confirmed it does not send physical letters to customers, suggesting such scams have circulated before. The scams may possibly be related to a previous data breach involving customer names and addresses, Scott says. She recommends others also search for two related terms + 'scam' when receiving suspicious communications. To break the sense of urgency scams create, Scott recommends taking a beat and talking to other people about what has been received — or find other ways to reflect on how to respond. It will decrease a sense of agitation that could spur a quick reaction. 'This is the challenge of our times,' she said. 'Figuring out what's real and true.' If you suspect a scam, report it to the Canadian Anti-Fraud Centre. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
6 days ago
- Business
- Yahoo
Mail scams are still targeting Canadians even today – here's what to watch for
As a compliance and anti-fraud professional, Amber D. Scott is no stranger to scams. But even she was surprised to find one waiting in her community mailbox, addressed directly to her. The letter purported to be from Ledger, a maker of cryptocurrency hardware wallets, asking her to scan a QR code to enable a new security feature. If she didn't complete the setup by July 30, the letter says she could lose access to her cryptocurrency. Scott, chairperson of Outlier Compliance Group, says the letter had several hallmarks of legitimacy at first glance. It contained no obvious spelling mistakes, listed devices a recipient might own, included brand logos and provided a signature. It also created a sense of urgency by imposing a deadline, she says. 'There's likely a higher open rate when you get a piece of mail addressed to you,' she added, whereas it's easier to delete an email. The scam Scott encountered is part of a growing trend of increasingly sophisticated fraud targeting Canadians, sometimes even through old-fashioned mail. While many scams have moved online, experts warn that physical letters can appear highly convincing and prey on urgency or fear. Canadians lost over $342 million to fraud in the first six months of 2025, according to Jeff Horncastle, client and communications outreach officer for the Canadian Anti-Fraud Centre (CAFC). Roughly $827,000 of that was a result of mail fraud. In 2024, investment fraud — including cryptocurrency scams — was among the top three fraud types reported to the CAFC, accounting for more than $310 million in losses. While cyber-enabled fraud accounts for about 75 per cent of reported losses to the CAFC, the organization has noted an increase in certain types of mail fraud, such as foreign money offers which include inheritance letters. Mail scams continue to deceive Canadians because they look official, Horncastle says. Printed letters often mimic the formatting and logos of those they're impersonating, and they can include real details, including your name and contact information. Fraudsters may also lure victims with promises of rewards or large amounts of money via what appears to be formal communications, he says. Scott says her approach to anything cryptocurrency related is to assume it's a scam, and then try to disprove that hypothesis. She didn't scan the QR code as advised, and suspects it would have led to a fake Ledger site asking her to download information or enter private keys or seed phrases (a crypto wallet recovery passcode) that would give scammers access to cryptocurrency. Or, it might automatically download malware that steals crypto automatically, she says. Horncastle similarly recommends Canadians not to scan QR codes received through unsolicited messages, which include letters in the mail. Always contact the company or agency by finding their official contact information first — outside of what appears in the letter. When doing so, Scott recommends searchers avoid any websites that don't look familiar. 'People can be less critical when they're evaluating Google search results,' she said. To debunk the scam, Scott also searched online for the suggested 'Ledger transaction check' alongside the word 'scam' and quickly found a warning from Ledger itself. The company confirmed it does not send physical letters to customers, suggesting such scams have circulated before. The scams may possibly be related to a previous data breach involving customer names and addresses, Scott says. She recommends others also search for two related terms + 'scam' when receiving suspicious communications. To break the sense of urgency scams create, Scott recommends taking a beat and talking to other people about what has been received — or find other ways to reflect on how to respond. It will decrease a sense of agitation that could spur a quick reaction. 'This is the challenge of our times,' she said. 'Figuring out what's real and true.' If you suspect a scam, report it to the Canadian Anti-Fraud Centre. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Yahoo
11-07-2025
- Yahoo
What is a cold wallet? Ledger Stax review
What is a cold wallet? Ledger Stax review originally appeared on TheStreet. Cold wallets have revolutionized crypto security by keeping your private keys offline and away from hackers. They're the digital equivalent of a safe deposit box, robust, reliable, and designed for peace of mind. Today, we're exploring Ledger's latest innovation in this space: the Ledger Stax, a sleek, magnetized, curved e-ink powerhouse that takes your crypto protection to the next level. Designed in collaboration with Tony Fadell, the inventor of the iPod, it features a first-of-its-kind 3.7-inch curved e-ink touchscreen that wraps around the edge, combining aesthetic elegance with high-contrast readability and ultra-low power consumption. This isn't just a cosmetic upgrade. The e-ink display allows you to scroll through transactions and addresses with minimal battery drain, giving you up to ten hours of active use on a single charge and weeks on standby. Before diving further into the device, let's start by understanding hardware wallets. Hardware wallets are a form of cold storage, keeping your private keys offline and safe from online threats. In contrast, hot wallets, like mobile apps or web services, are always connected and vulnerable to hacks, phishing, and malware. A device like the Ledger Stax uses a secure element to store and sign transactions internally, so even if it's plugged into an infected computer, your keys never leave the protected chip. Opening the box, you'll find the Ledger Stax device itself, a magnetic protective shell, three recovery phrase sheets, a quick-start guide, and a USB-C to USB-C cable. Powering on the Stax reveals the Ledger logo, and provides an overview of the basic functions of the device. As an extra touch, you can personalize your Stax by assigning it a name like 'Home Stax,' 'Travel Stax,' or whatever helps you differentiate multiple wallets. The device then prompts you to choose a PIN between four and eight digits. This PIN guards against unauthorized use: after three incorrect attempts, the device wipes itself to thwart brute-force attacks. Right after the pin selection, you can choose how you'd like to set up your Ledger Stax. You can either restore a previous wallet or start a new one. Now comes the most critical step: generating your 24-word secret recovery phrase. These words are the only backup of your private keys. Write each word in the exact order on the provided sheets, store them offline in separate secure locations, never photograph or copy them digitally, and never share them with anyone. Anyone with your phrase can take your funds. To verify you've recorded the phrase correctly, the Stax will quiz you on all 24 words. Once confirmed, your wallet setup is complete, and the device initializes your secure environment. To manage your crypto assets, you'll link your Ledger Stax to Ledger Live via the mobile or desktop app. Ledger Live provides a unified dashboard where you can add and organize multiple accounts, check real-time balances, portfolio performance, and send or receive over 5,500 supported coins and NFTs. You can also access built-in features like buying, swapping, and staking, as well as connect to decentralized apps — all while preserving your private keys offline on the Stax device. By keeping private keys offline in a secure element and leveraging an intuitive yet power-efficient curved e-ink touchscreen, the Ledger Stax represents a significant leap in both form and function for hardware wallets. Your digital assets stay protected, and your user experience is smoother and more engaging than ever. What is a cold wallet? Ledger Stax review first appeared on TheStreet on Jul 11, 2025 This story was originally reported by TheStreet on Jul 11, 2025, where it first appeared. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
