Hackers use fake Ledger apps to steal Mac users’ seed phrases

Cybercriminal campaigns are using fake Ledger apps to target macOS users and their digital assets by deploying malware that attempts to steal seed phrases that protect access to digital cryptocurrency wallets. Ledger is a popular hardware-based wallet designed to store cryptocurrency offline (cold storage) and in a secure manner. A seed or recovery phrase is a set of 12 or 24 random words that allows recovering the digital assets if the wallet is lost or the access password forgotten. Thus, it is meant to be stored offline and private. In such attacks highlighted in a Moonlock Lab report, the malicious app impersonates the Ledger app in an attempt to trick the user to type their seed phrase on a phishing page. Moonlock Lab says that they have been tracking these attacks since last AugustAugust 2024, when the app clones could only "steal passwords, notes, and wallet details to get a glimpse of the wallet’s assets." This info would not be enough to access the funds, though. With the ... Read full article.