Ledger, the crypto hardware wallet provider, confirmed that it has secured its Discord server following a phishing attack on May 11 that exploited a moderator’s account to spread scam links.
The attacker gained access to a contracted community moderator’s Discord credentials, using the elevated permissions to deploy a malicious bot that posted links to a fake Ledger site.
These scam messages falsely claimed a security vulnerability had exposed sensitive user information such as shipping details and recovery phrases. Victims were urged to verify their 24-word seed phrases, a known tactic for stealing wallet access.
Ledger Takes Swift Action, Removes Compromised Account
Quintin Boatwright, a team member at Ledger, stated that the company swiftly removed the compromised moderator, deleted the phishing bot, and secured server permissions to prevent further abuse. The phishing website linked in the messages was also reported and taken down.
Ledger called the breach an isolated incident, though some community members criticized the platform for not acting sooner. Users claimed the attacker leveraged moderator rights to ban or mute individuals trying to flag the scam, potentially delaying Ledger’s response. Still, as of now, no confirmed user losses have been reported.
Ledger Community Remains Target of Sophisticated Scams
This latest incident follows a string of sophisticated scams targeting Ledger users. In April 2025, fraudsters mailed fake physical letters containing QR codes linked to phishing sites.
These letters mimicked official Ledger communication and cited the 2020 data leak, which exposed personal details of over 270,000 customers.
There have also been reports of tampered Ledger devices embedded with malware, raising continued concerns about user safety.
In response, Ledger has reinforced its Discord security protocols, reminding users that they will never be asked to share their recovery phrases, either online or via physical mail. The company urges customers to report any suspicious activity only through official support channels.
