The recent homoglyph attack on Ledger caused its customers a total loss of 1,150,000 XRP. Ledger is one of the major crypto hardware wallet providers, and its devices can store digital assets like XRP, Ether, Bitcoin, and more. A hardware wallet is more secure than its counterpart, the hot wallet, primarily because it’s not connected to the internet. How was the homoglyph attack carried out, and how did it cause losses to Ledger's customers?
On July 29, Ledger informed its customers that it had been the victim of a data breach that compromised almost one million email addresses. For a subset of 9,500 customers, details such as last name, postal address, and phone number were also exposed. As stated in their blog post, they were informed of the breach on July 14 after a researcher participating in its bounty program told them the details of a potentially vulnerable point on their website. While fixing the problem, they found that an unauthorized third party had carried out a similar action on June 25. The unauthorized third party was able to access a portion of their e-commerce and marketing database through an API key. The API key has been deactivated and is no longer accessible.
The attack on the victims was made through a phishing email that directed users to a fake version of the Ledger website using a homoglyph in the URL. A homoglyph attack is a deceptive method in which an attacker abuses the visual similarity between characters from different scripts to dupe victims into clicking a link to a malicious site. In the case of Ledger, the URL contained a character that looked like the letter “e” but was actually a different character. The victims were duped into downloading malware posing as a security update, which drained the balance from their Ledger wallets. The collected XRP was then sent to Bittrex in five separate deposits, but the exchange was not able to seize the XRP in time.
But this is not the first time a homoglyph attack has happened in the crypto world. A similar attack happened with Ripple in January 2020. In that case, the attacker linked to a website in the memo posing as Ripple’s Insight blog. It lured the victims with a fake “grand giveaway” scheme. A total of 2,100,000 XRP was stolen from the victims.
Though companies are mostly responsible for the assets entrusted to them by their customers, customers should take precautionary measures too. Spotting this kind of scam is not easy because the characters may look identical to their genuine counterparts. It is advisable to always be cautious. Avoid clicking links if possible. If you do, examine the web address or link carefully to see if it contains a suspicious character. If unsure, typing the web or email address manually is the safer option.
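Examining a link for a suspicious character can be automated, for example in a mail filter or a link-checking script. The following is an added example, not code from Ledger or from the original article: it flags hostname labels that contain non-ASCII or mixed-script letters and shows their punycode form. The function names and sample URLs are constructed, and the use of Cyrillic U+0435 as the lookalike for “e” is an assumption, since the article does not name the character.

```python
import unicodedata
from urllib.parse import urlsplit


def _to_unicode(label):
    """Decode a punycode ("xn--") label so its real characters can be inspected."""
    if label.startswith("xn--"):
        try:
            return label.encode("ascii").decode("idna")
        except UnicodeError:
            return label  # malformed punycode: inspect it as written
    return label


def _to_ascii(label):
    """Return the ASCII (punycode) form that DNS actually resolves."""
    try:
        return label.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def inspect_url_host(url):
    """Flag hostname labels containing non-ASCII or mixed-script letters."""
    host = urlsplit(url).hostname or ""
    findings = []
    for raw in host.split("."):
        label = _to_unicode(raw)
        # The first word of a character's Unicode name approximates its script.
        scripts = {unicodedata.name(c, "UNKNOWN").split()[0] for c in label if c.isalpha()}
        non_ascii = [(f"U+{ord(c):04X}", unicodedata.name(c, "UNKNOWN"))
                     for c in label if ord(c) > 127]
        if non_ascii:
            findings.append({
                "label": label,
                "ascii_form": _to_ascii(label),
                "non_ascii": non_ascii,
                "mixed_script": len(scripts) > 1,
            })
    return {"host": host, "suspicious": bool(findings), "findings": findings}


# Constructed samples: the article does not say which lookalike character was
# used, so Cyrillic U+0435 standing in for "e" is an assumption.
GENUINE = "https://www.ledger.com/"
LOOKALIKE = "https://www.l\u0435dger.com/security-update"

if __name__ == "__main__":
    for url in (GENUINE, LOOKALIKE):
        print(inspect_url_host(url))
```

Legitimate internationalized domains also contain non-ASCII letters, so a finding is a prompt for review when the expected brand name is plain ASCII, and a mixed-script label is the stronger signal.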
Cases of homoglyph attacks are starting to rise in the crypto world. In fact, this method has now become the most preferred way for cybercriminals to scam their victims. Even as technology progresses and security is heightened, online scammers will always find a way to dupe victims and extort money.