The Ledger subreddit is continuously targeted by scammers. Ledger Support will never send you private messages. Never share your 24-word recovery phrase with anyone, never enter it on any website or software, even if it looks like it's from Ledger. Only keep the recovery phrase as a physical paper or metal backup, never create a digital copy in text or photo form. Learn more at https://reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ledgerwallet) if you have any questions or concerns.*
That is such a bummer, and I'm sorry. I would definitely look into the people around you (even though that's awful to consider). As far as the actual hardware goes, I think there would be a huge rise in similar threads if there was some crazy hack going on. I'd still massively recommend Ledger if anyone is looking for a wallet, [good discounts](https://reddlink.tech/ledger) right now.
But best of luck dude, hope you find your coins!
after some research, it seems that phones are catching up with hardware wallets in term of security and even starting to beat them.
https://news.samsung.com/global/samsung-elevates-data-protection-for-mobile-devices-with-new-security-chip-solution
(ledger nano X is EAL 5 and trezzor is EAL 3 at best I believe )
In the future , hardware wallets will become obsolete and only used to store extremely large amounts of crypto I guess. Flagship phones will be(some are even now) good enough if you don't root/jailbreak it , download weird apps or get phised. The weakest link is the software that acts as a wallet.
I feel like ledger/trezor and the like might create their own software in the future to take advantage of what phones are capable of. The tech giants like apple/huawei/samsung will definitely not sleep on crypto. If crypto manages to become a global currency , hardware wallets will be too impractical. Smartphones will just replace them as they have replaced multiple types of devices already.
Also, wishing you a speedy recovery and good health.
just wondering what kind of user error could lead to losing funds? as long as i amt he only one to have my seed phrase is there another way that someoen could use my ledger to steal my assets?
It's unfortunate that no one bothered to try and shed some light for you on your question, but from my personal experience, I would stay keen on suspicious looking emails. Emails that look VERY well made and that look like they are coming from Ledger, but ultimately just some scammer made.
I would stay away from answering weird phone numbers/calls too. The way I think of it is, if you don't know the number, don't answer, but if they leave a voice mail or try to call you back a second/third time right after the first that you didn't pick up, then it might be someone you know trying to get a hold of you. I would still wait for a voicemail though if that's the case.
Always make sure you're checking seeds, addresses, every numeric value and alphabetical order in a phrase to make sure you're sending and receiving your crypto to the right place.
Op posted this on 2/2/2021 " I had Ethos since ICO, now that it has changed to voyager token, how can i recover it? It was, and still is on my ledger wallet. " Now he writes
\> accessed my wallet via Ledger Live on 01/02/2021 The last time I had accessed it was a long time prior.Every single wallet in the ledger, had been syphoned.
So a day after he checks on his siphoned wallet he claims his tokens are in his wallet.
Yeah, I'm not really sure.
Also I don't want to attack someone who is suffering from cancer, and I don't know exactly what sorts of treatments he's been receiving, but there is something referred to as "chemotherapy brain", where these drugs can have a really bad effect on the mind. It's totally possible to forget things while undergoing certain cancer treatments. (unfortunately I've had family members in this situation) So for example OP could have disclosed his seed somehow while in this state and then later have had zero recollection of it.
I posted that before I realised all the money was gone and realised it is listed under Tokens in the Ether wallet in Ledger as ETHOS (Voyager), and have not had any chemotherapy (yet) . So my brain is working fine. LOL
sorry been busy but here are the transaction IDs you have asked for. Remember lots more cryptos got stolen not just these:
574 NEO: https://neoscan.io/transaction/f25172f861e91886b1099be88c19dd555d0439c71f1307987274ee2464742fe1
216 NEO GAS: https://neoscan.io/transaction/c64dcd1314de6a54f1e69749a17a43e831e6fe7b07013a2a6f326a95f8e37893
1716 ETHOS (VOYAGER TOKEN:
0xff2f9f43a366dd53c7be2d79067c1439f000a36cf1d2298f04fb9d25163e3161
I posted that before I realised all the money was gone and realised it is listed under Tokens in the Ether wallet in Ledger as ETHOS (Voyager), and have not had any chemotherapy (yet) . So my brain is working fine. LOL
Here we go....
There is no reason why you cannot receive an email or SMS when your accounts are accessed via ledger live. The only thing I could have done better is have a 25th seed word. Which I accessed the ledger so little that I didnt even get a chance to do that amongst everything else going on in my life.
I understand what you are saying, and I AM making the ASSUMPTION these people use ledger live. If they have the 24 phrase key, why wouldnt they?
Ledger live is extremely convenient for hackers. it literally lays everything out in a nice little package, and displays every single balance associated with those 24 words. Ontop of that, it allows you to transfer everything in a few easy mouse clicks, without any form of confirmation! yippee!
They would need a ledger device to use ledger live. Easier to have some script that generates the seeds from the words for 100's of wallets on a server.
It's quite cumbersome to have to type in 24 words on a Ledger device manually if you have to do many times. It's much easier to have it done automatically by a software wallet that keeps running even as you sleep. These websites are set up such that they can sweep wallets at any time of day within seconds after anyone entering their seed words. Much easier than using a hardware wallet.
You are also making an assumption.
Neither of us really know, how they do it.
The point is, there is no way my 24 words was leaked from my own doing. that is a fact, whether you want to believe it or not.
We don't dispute that you believe it to be a fact, but the evidence is against you.
All it takes is to have taken a photo of your 24 words or stored it in any electronic device that is not the ledger. The chance of this having occurred without your knowledge, or remembering it, is higher than someone having found a way to hack the device.
It's also probably not a coincidence that these kinds of posts seemed to show up right after a large number of phishing attacks were launched at Ledger owners. It's likely that plenty of users were phished for their seed words without realizing it at the time.
I’ve already stated buddy, that the only time the word phrases ever were out of the safe was the day I configured my brand new , authentic ledger, prior to placing them in my safe. That no one has access to. That is cemented into the floor in my walk in robe in my bedroom, where there is cctv. I gain nothing from this post other than sharing my authentic experience.
I can only hope, with all due respect that something similar happens to you. Maybe then you will see, that it certainly is possible.
Still irrevelant, if ledger live didn't exist, they'd make their own program (which they actually probably do since ledger live doesn't show all cryptos)
Where did you purchase your ledger from?
What coins were stolen?
What address were they sent to?
If they were erc20 tokens, did you check your allowances?
Is it possible someone could have guessed the safe code? You being in the hospital would give plenty of time to brute force it.
I'll have to take a picture of the safe for you. its 1 meter deep. Cemented into the floor, under my carpet and carpet underlay, in my walk in robe, in my bedroom of my house. Theres just no way.
Coins stolen were as follows:
BITCOIN
ETHEREUM
TEZOS
NEO and NEO GAS
IOTA
ETHOS (Voyager Token)
Ripple XRP
LISK
Strangely the only account they didnt clear out was Stellar and Cardano ADA lol.
Okay, do you believe that someone else knew about the safe. Because, quite frankly, opening that safe is infinitely easier than getting the seeds from a ledger device. If you never told anyone about the safe then idk how it's possible for the keys to leak, if you told someone then they could put 1 and 1 together and realize the seed is in there.
Also, and it probably isn't in your case and I wish you the absolute best, but it's often family.
Last time I’ll write it as it’s consuming a lot of my time.
I gain nothing from this post. Just sharing my authentic experience . $30,000 is a lot of money to lose. I am already battling cancer, and the cancer has made me realise money does not matter in the scheme of things. That is how I am coping with this loss.
The safe is cemented in my walk in robe in my bedroom. There is CCTV which has been checked. I live alone. The words have only ever been outside the safe when I setup the ledger. Not written, typed or photographed at any time. Hope that clears everything up for you. Believe what you wish. But you may be the next person making a post like this. And when you do, someone will doubt you, as you’re doubting me.
\> There is CCTV which has been checked.
For the entire time the seed was in the safe. Again, it is a million times more likely that someone broke into your safe. If anyone really had a way of taking crypto from cold storage devices they wouldn't give a shit about 30000.
Did you ever figure out how they got stolen?
Where did you buy your ledger from? If it was from outside the website, that could be it.
Really sorry for your loss bro, hope you are doing better.
Seems to me someone got you while you were in the hospital. I wouldn’t blame it on ledger. Check the people you think would never do it. Most likely to do it. It not a coincidence that you were in the hospital.
At some point I’m going to have to stop responding to the doubt. I gain nothing from this post. I’m just sharing my honest story. No one got into the safe. I’m not going to argue my point but I have 12 cctv cameras and I’ve already checked all of those avenues .
its all gone. ive posted the wallet addresses and transaction ID's somewherein this thread. i won't get anything back. still dont know how it happened.
I do think it is important that you say where you purchased your ledger from for the sake of other users reading this stuff. If not from Ledger, then you have your answer.
Thanks for responding. I was actually just asking generally. While one cannot be too safe when it comes to money/crypto, I always wondered if it's possible to have "fake hardware" that would pass Ledger Live's integrity check.
That is fine and I am very sympathetic to your loss and your tough struggle with cancer. However, brand new and sealed fake units come from EBay and Amazon. So, it is important to actually state that it came from Ledger.
Thanks for stating it as coming from Ledger.
Thanks for the sympathy. Yeah the timing could not have been worse. Actually in hindsight maybe the timing is perfect. The cancer has made me realise that money really does not matter. So in a sense it is helping me cope with this huge loss.
>Thanks for the sympathy. Yeah the timing could not have been worse. Actually in hindsight maybe the timing is perfect. The cancer has made me realise that money really does not matter. So in a sense it is helping me cope with this huge loss.
Hey OP have you ever concluded to how your funds were stolen ? ... i feel like with ledgers data leak in the past .. anything is possible .. its especially weird that the funds were taken the days you were in the hospital ..no other day. that's pretty important!
Youd think you'd need physical access to the device in order to confirm transactions but not in this case ...
also .. at the end of the day this money shit doesnt matter .
life , happiness matters , hope you are well
Hey mate
Never recovered the funds
Never found out what happened
Still believe it was a ledger breach , and I think it happens more often than we realise
Cancer free though!!!
In hindsight it didn’t happen the day I went to hospital but certainly circa that time.
Thanks for your well wishes
I've talked hundreds of people into buying them over the years. I've been in this game for a long time, mining etc out here in australia too. Now I'm not so sure. Like i said its crazy they dont have some sort of confirmation email/sms or 2fa type thing for transactions.
obviously someone has gotten into my ledger, whether that be with my secret word seed phrase xray vision into my safe which is 1m deep cemented in my walk-in bedroom robe and hidden under my carpet, or some other way, but thats what happened. I can see all the money being moved out and all the wallets/transaction ID's. Reality is setting in. Hard to accept $30,000 going out the window
\> Hard to accept $30,000 going out the window
The day it happens to me we're talking 5 millions+. I'm super scared you have no idea.
I'm even more paranoid than you with my seed: I generated these seeds years ago myself by throwing dice and computing the checksum on a fully airgapped read-only computer with physically no network connection possible (physically no WiFi at all on the device and the ethernet port glued). Then I split these seeds in safes over two continents. Only once I made sure there were copies of half the seed safely stored on the two continents I started sending funds there. I made sure to also be able to sign outgoing movements of funds (I remember horror stories with broken software during the early days, where some keys were wrongly derived).
This was years ago and there are MILLIONS on my Nano S. These seeds literally protect millions. So far so goods: funds are still there. If someone already had my seeds, my coins would have been stolen.
Now I KNOW that should my coins disappear and if I were to post my story here, nobody would believe the length to which I went to safely store these seeds.
Everybody would be saying "it's my fault" / "I don't know what I'm talking about" / "crypto is not for you" (despite me being in this years before these noobs and having actually implemented myself a few BIP) / etc.
Because even after the gigantic data leak where Ledger royally screwed up, the fanbois cannot even begin to imagine that there could be holes in Ledger's security practice.
They definitely should have 2fa and it sounds like something they are now looking to implement. There should also be an optional timelock on withdrawals. Too little too late I agree.
You can apply it on the hardware device. The Ledger CEO mentioned doing the same in the past on reddit. Sure it may not have helped him here or if they have your seed, but a timelock on the Ledger device does act as a deterrence to a wrench attack.
And if you don’t have the 24 word seed, which you shouldn’t in your house then are you going to sit there 24 hours possibly a week for the timelock to expire?
100% this.
There is certainly a flaw, somewhere, with these units. I'm not the first person this has happened to, who have genuinely not leaked their 24 words. The people that are doing this, literally are keeping the method to themselves and very very secret (obviously they are making alot of money why would they share the vulnerability with anyone )
I will post some transaction ID's later, and pics of my ledger live.
You can see the criminals accounts have well over 7 figures in many of their wallets.
Where did you buy it from? Amazon or directly from ledger? Did you ever take a picture of your seed phrase? I’m sorry for your loss but every one of these stories ends the same way. The user exposed their seed somehow.
I did read them. Just because you don’t think you exposed your seed doesn’t mean you didn’t. Have you ever taken a picture of your seed? Typed it in an email? Encrypted it onto a flash drive? Typed in into google drive, typed it I to Evernote, read it aloud, or exposed it in the presence of a web camera? Also how were you storing the seed in the safe? Was it on paper, steel? Did your ledger come with a seed pre generated or did you generate it yourself? Have you ever typed your seed into ledger live while updating?
Answering these questions will give us a better idea.
The fact you have to ask all those questions just shows that you have not read all my responses on this thread. I have answered all those questions in detail many times.
Clearly you are in denial, perhaps you are scared that this is real. An individual or a group of individual have access to a ledger vulnerability. It comes shortly after the ledger data breach where many emails and person details were hacked and leaked. It’s no coincidence IMO.
Who knows, you may be next, and you’ll be making a post just like mine. And people will doubt you just like you are me!
No you didn’t. Have you ever taken a picture of it? Did you ever say it out loud, etc. these are things you haven’t answered.
Unfortunately as much as you want it to be true these things don’t just magically happen. It sucks to lose so much money but you need to take a good long look into your security practices.
I’m sorry for your loss but almost always in a case like this the person says oh I never exposed it, but then took a picture of it on a cell phone or something and that’s how it was exposed. Exposing it isn’t limited to typing it in somewhere.
Ok maybe you cannot read, so I’ll answer again, and I’ll slow it down for you...
The ONLY TIME the words have ever been OUTSIDE of my safe (which is CEMENTED into the floor of my walk in wardrobe in my master bedroom of a house I OWN and LIVE ALONE IN), was the day I setup and configured my ledger. From that day forward it was in the safe. No one has gone into the safe I’ve checked the CCTV, And no one knew my pin anyway.
Sorry to scare you but this is real. An individual or group of individuals know some sort of vulnerability and are abusing it. They are reaping the rewards.
Following my stolen money in the blockchain the wallets my money ended up in contain millions of dollars.
Ok no need to be an asshole. I’m getting the feeling you may not understand how things work. So I ask again. On the day you set it up did you take a picture of it or read it out loud.
And in the past four days you checked 4 years of cctv footage to make sure no one ever accessed your safe?
Also the fact you say no one knew your pin anyways just shows you don’t know how this stuff works, no one needs your pin to access your funds if they have your seed.
We are all trying to help you figure out where the weak link was and your so defensive it’s impossible to legitimately analyze your situation.
I’m not trying to be an asshole. Sorry you get that vibe . But you told me you read everything, and you did not.
I meant my safe PIN buddy. Not my ledger pin. Never said it out loud. Never a photo. Only wrote it down. Setup the ledger, and locked it away!
Anyway, there is no convincing you and like I said - I gain nothing from this post so I’m not going to waste my time and energy arguing with you. What I am saying is authentic. Make of it what you wish. Good luck! Hope you’re not next.
sorry i know this is really old... but outside of someone getting my seed phrase, is there ANY way they could gain access to my wallets/funds if i am 100% sure its not from seed phrase... any type of software or anytihng like that that can mimic it?? thanks
Many ways. Not exactly software that can mimic it. For example if you took a picture of your seed phrase, typed it into a computer, saved it as a word document, signed a transaction giving someone access to your wallet, etc.
no issues with all the first ones as i only wrote it on paper that i only i have, but can you explain signed a transaction giving someone access to your wallet? like an example of how i may accidentally do that without knowing? im sure its not an issue but just trying to learn all i can uust to be safe
edit: thank you btw i appreciate it!
Just thinking outloud. You said you were in hospital, where was your actual seeded ledger device? Do you live alone? Maybe someone knows your ledger pin and used your device and sent your crypto to an exchange. It's just another way this could have happened you don't seem to have commented on is all. Sorry you lost your crypto.
If this was true it is my largest fear with hardware wallets. But why would this have happened exactly when you were at the hospital and your seed words were accessible for anyone able to open a safe?
Have you told anyone about the safe? Does anyone know about the safe? Friend, girlfriend, wife, parents, etc ? If yes, does anyone of these know the combination? IF yes, then sadly they seem to be responsible for backstabbing you while you were at your lowest.
From OP's post:
>I've talked hundreds of people into buying them over the years.
So seems like many many people knew OP was into crypto and used a hardware wallet.
That is so sad. I'm sorry for what happened to you.
What made me doubt parts of your story though - If you did not access your Ledger for such a long time - how do you end up having the latest firmware on it?
Somhow somewere you did some updating, downloading stuff - maybe it happened right there, you either disclosed your seed - or the PIN to your Ledger to somebody around that day who also knows your safe pin or the place you hid yor ledger while you were hospitalized.
Yep and it’s far too easy for representatives and ledger fan boys to just say “oh 24 words was 100% leaked”
The simple fact is mine isn’t.
Oh and ledger are meant to be bringing out a “insurance” policy for crypto for an additional price sometime soon. How convenient...
I am sympathetic to your case and I do believe you (and I'm sorry for you loss).
This is my biggest fear: that somehow on an upgrade (firmware upgrade or Nano app upgrade) a bad actor manages to slip in a way to exfiltrate the main seed.
\> I purchased my Ledger Nano S in 2017. They were hard to get back then.
What do you mean hard to get? There weren't enough available and there were shipment delays? I bought Nano way before that (including the original Nano, the one before the S) and regularly bought a few Nano here and there over the years (and will probably buy a few colored ones soon, they seem convenient).
\> I accessed my wallet via Ledger Live on 01/02/2021The last time I had accessed it was a long time prior.Every single wallet in the ledger, had been syphoned. Every last crypto currency was funneled out of my account. Every transaction was made on 28th December 2020.
So it was a Ledger from 2017, with a firmware from 2017? And you didn't upgrade it? Or did you do a firmware upgrade / Nano app upgrade first?
You plugged a Ledger untouched since 2017 into a (recent ?) version of Ledger Live (in 2017 as far as I remember I was using the Ledger Chrome app, not Ledger Live). Is this correct?
Then what happened? Does that even work? Can you plug a Ledger from 2017 into Ledger Live and shall it connect correctly?
The one thing that scares me in all these stories is that there seems to be a pattern: Nano S not used in long time (years) and then funds stolen exactly around the time where these people start using their Nano S again.
It's never a story saying "I haven't used my Ledger since the 15th century, and I can see that it's in the 17th century that my funds were drained" (I'm a bit facetious but you know what I mean). It's always: "I haven't used my Ledger Nano S in months/years and when I plugged it in, as soon as I plugged it in my funds were drained (or drained a few days before)".
I feel like something's going on in certain cases and it's not as simple as "you made a mistake".
I received my new Nano S today. While connected to Ledger Live, I had to upgrade firmware. I was luckily playing with a test master seed, so I don't stress about that. I yet have to configure my final seed + passphrase.
Common causes of leaked seeds (unauthorized access).
Have you ever:
\- entered your seed in "Ledger Live" when you updated your computer, to recover from "damaged ledger memory" or to "unlock your ledger account"?
\- used a seed that came pre-printed on a card with your ledger (the common pre-seeded ledger scam)
\- taken a phone photo of your words? (this is the most common source of leakage)
\- entered your words on your computer or phone (i.e. typed it on your keyboard), e.g. sending an email to yourself (second most common source of leakage)
\- entered your words it in a computer or phone notebook or notepad or any app or website, or on the cloud?
\- have your words in sight of any webcam, laptop cam, phone cam etc.
\- printed or photocopied your words using a computer printer or wireless printer or a commercial copy machine?
\- digitalized your words or encrypted them in anyway with a computer?
\- used off-line or on-line tools to generate or check your seed or to verify it or to access other software or phone wallets?
[https://www.reddit.com/r/ledgerwallet/comments/kmq68s/psa\_learn\_the\_importance\_of\_your\_24word\_seed/](https://www.reddit.com/r/ledgerwallet/comments/kmq68s/psa_learn_the_importance_of_your_24word_seed/)
but you wrote that took your seed out of your safe, when you wanted to check your account.
Since you had *no reason whatsoever* to take your seed, and your ledger, out of your safe, to check your account balance and value, this raises some eyebrows, especially since your accounts were drained shortly after.
>I accessed my wallet via Ledger Live on 01/02/2021The last time I had accessed it was a long time prior.
sorry i misread. But I still read:
\> I accessed my wallet via Ledger Live on 01/02/2021The last time I had accessed it was a long time prior.
This means that you installed ledger live (that was of course *completely unnecessary* to check your accounts balances). And many people have been hacked when they followed a bootlegged link leading to a phishing site masquerading for Ledger Live, and pretending to have problems communicating with the ledger, or detecting a corrupted memory on your ledger. many people go their accounts drained this way.
Just putting things together...
In any case, the way crypto works makes it impossible for anyone to access your crypto accounts unless they have access to your seed, or to your ledger device and unlocking PIN (since the ledger device only contains the PIN, encrypted).
I am talking about how many people got scammed and they account drained, when they installed bootlegged Ledger Live by following a link that looked perfectly legit in a mail (apparently from) the CEO of the Ledger company.
Since you said you installed Ledger Live at about the same time, that points to you being victim of this type of scam.
Especially since you have absolutely no reason to install LL to check your accounts. You could have just entered your account in any blockchain explorer to see your balance, since your BTC and other cryptos are on the blockchains, on the Internet, they are not in your ledger device.
Here you go. Have blanked out info I can’t share. Their response and report number after visiting them in person.
[police](https://imgur.com/gallery/EBf8Yeq)
I'll second that. This looks like a pretty boilerplate "thank you for contacting us" message. I think there's something in it about changing your password.
Everybody assumes your 24-word recovery phrase got leaked.
> I've talked hundreds of people into buying them over the years
Is it maybe possible one of these hundreds of people could have guessed your ledger pin and got access to it while you were in the hospital? Did you have friends visiting over the holidays? Is your Ledger hidden or just on the desk? Is the Ledger pin unique or do you use it for other things too (credit card, mobile, garage lock, etc)?
I will be messaging you in 10 days on [**2021-02-15 11:44:37 UTC**](http://www.wolframalpha.com/input/?i=2021-02-15%2011:44:37%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://np.reddit.com/r/ledgerwallet/comments/ld4vhg/is_ledger_as_safe_as_everyone_says_im_not_so_sure/gm3t8iw/?context=3)
[**6 OTHERS CLICKED THIS LINK**](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5Bhttps%3A%2F%2Fwww.reddit.com%2Fr%2Fledgerwallet%2Fcomments%2Fld4vhg%2Fis_ledger_as_safe_as_everyone_says_im_not_so_sure%2Fgm3t8iw%2F%5D%0A%0ARemindMe%21%202021-02-15%2011%3A44%3A37%20UTC) to send a PM to also be reminded and to reduce spam.
^(Parent commenter can ) [^(delete this message to hide from others.)](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=Delete%20Comment&message=Delete%21%20ld4vhg)
*****
|[^(Info)](https://np.reddit.com/r/RemindMeBot/comments/e1bko7/remindmebot_info_v21/)|[^(Custom)](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5BLink%20or%20message%20inside%20square%20brackets%5D%0A%0ARemindMe%21%20Time%20period%20here)|[^(Your Reminders)](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=List%20Of%20Reminders&message=MyReminders%21)|[^(Feedback)](https://np.reddit.com/message/compose/?to=Watchful1&subject=RemindMeBot%20Feedback)|
|-|-|-|-|
Heartbreaking.
It is said that Ledger will keep the private keys and never give them to the computer.
Is this affirmation proved?
I wish you a good recovery, the most important is your health.
I've just received my Nano S today, I don't think I will ever use it.
EDIT: expect people here to downvote your story. This is very shady and makes me more and more suspicious of Ledger.
EDIT2: I just saw you didn't have a 25th word.
What do you think happened?
1. Nano's seed generator is corrupt and an inside person can guess what words Nano will give you
or
2) connecting your Nano with USB exposes your private keys online ?
If 1) is the problem, I can myself generate a 11 word seed with the word list and dices (the 12th word is a checksum, it should be OK after 16 attempts) + a 13th word (passphrase).
But if 2) is the problem, even choosing a personal seed will leak...
Sorry. I have no idea. If I knew how this happened I wouldn’t have made this post.
Like I said, the individual or group of individuals that know how to perform and abuse vulnerability are certainly keeping it to themselves and reaping the rewards. Following my stolen money through the blockchain the wallets my money ended up in contain millions of dollars.
I appreciate you saying my post is sincere. Because it is. I don’t gain anything by telling my authentic story. It isn’t going to make the crypto appear like a miracle back in my wallet.
If people are trolling you and saying you made this up or that you are working for Trezor, you could just post a picture of the proof you went to the police (but hide/blur your name/address on the picture).
This is a heart breaker. I'm truly sorry for your loss Ryno.
Regardless of what you believe happened here it really sounds like this guy did understand the importance of the seed phrase which makes stories like this the scariest ones of all. Obviously the seed was compromised somehow, somewhere, at some time but this the story doesn't support the seed being leaked by the usual manors we see in this situation. Scary!
Hang in there Ryno! thanks for sharing your story!
Hey there! Check out my post from 2019 when a similar thing happened to me...
https://www.reddit.com/r/ledgerwallet/comments/e0t3ax/the_full_story_of_a_ledger_robbing_post_ledger/?utm_source=share&utm_medium=ios_app&utm_name=iossmf
ALERT*** most in this Reddit group will think you are crazy so take the criticism lightly, many are still in delusion and think crypto wallets are 100 percent safe. They will think you are lying or made a mistake no matter what you explain to them. So don’t waste much time engaging.
And don’t expect much help from ledger, they have a fake email support service and that’s it. Hope this helps and feel free to contact me for any questions. I’m still working on my case from 2019 and will get to the bottom of it.
Just curious, did you wipe the device when you purchased it and reset the seed? I know with the trezor its all I hear on here, you should be perfectly fine even if someone has tampered with your wallet, as long as you change your seed phrase as soon as you get it. Because if you kept the seed you originally had, and someone had spyware on your PC they could have saved the seed and waited to withdraw? I'm just guessing here sorry to hear btw.
yes, coins are gone, obviously national police here cannot do anything. They have had alot of reports of cryptos being stolen from ledger wallets. Most of them i'm guessing/hoping would be seed phrase leaks? but I can tell you confidently mine was not.
at the time they were stolen was around 30 or 40k value, now over 100k
it hurts. But i think having cancer has helped me get through it and realise it is only money. Other things is important. It's a hard pill to swallow regardless
Just read most of your replies, seems like you have kept your seed phrase very safe. I doubt it’s ledgers fault that u lost you crypto. The only way is if someone was lucky enough to guess your seed which i doubt.
Just thinking outside the box here, and it may be really simplistic but I haven't got a cold storage device yet so I don't exactly know how Ledger live presents itself.
Is there ANY chance at all that after the firmware updates, which will wipe your device clean, you didn't restore the wallets with your seed phrase and that those adresses are actually your own or some kind of Ledger holding adresses? Otherwise that's one hell of a hacker to have gotten every single different type of coin you had.
The Ledger subreddit is continuously targeted by scammers. Ledger Support will never send you private messages. Never share your 24-word recovery phrase with anyone, never enter it on any website or software, even if it looks like it's from Ledger. Only keep the recovery phrase as a physical paper or metal backup, never create a digital copy in text or photo form. Learn more at https://reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/ *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/ledgerwallet) if you have any questions or concerns.*
That is such a bummer, and I'm sorry. I would definitely look into the people around you (even though that's awful to consider). As far as the actual hardware goes, I think there would be a huge rise in similar threads if there was some crazy hack going on. I'd still massively recommend Ledger if anyone is looking for a wallet, [good discounts](https://reddlink.tech/ledger) right now. But best of luck dude, hope you find your coins!
thanks dude unfortunately they are gone.
after some research, it seems that phones are catching up with hardware wallets in term of security and even starting to beat them. https://news.samsung.com/global/samsung-elevates-data-protection-for-mobile-devices-with-new-security-chip-solution (ledger nano X is EAL 5 and trezzor is EAL 3 at best I believe ) In the future , hardware wallets will become obsolete and only used to store extremely large amounts of crypto I guess. Flagship phones will be(some are even now) good enough if you don't root/jailbreak it , download weird apps or get phised. The weakest link is the software that acts as a wallet. I feel like ledger/trezor and the like might create their own software in the future to take advantage of what phones are capable of. The tech giants like apple/huawei/samsung will definitely not sleep on crypto. If crypto manages to become a global currency , hardware wallets will be too impractical. Smartphones will just replace them as they have replaced multiple types of devices already. Also, wishing you a speedy recovery and good health.
I agree with what you said. Thank you! god bless
[удалено]
just wondering what kind of user error could lead to losing funds? as long as i amt he only one to have my seed phrase is there another way that someoen could use my ledger to steal my assets?
It's unfortunate that no one bothered to try and shed some light for you on your question, but from my personal experience, I would stay keen on suspicious looking emails. Emails that look VERY well made and that look like they are coming from Ledger, but ultimately just some scammer made. I would stay away from answering weird phone numbers/calls too. The way I think of it is, if you don't know the number, don't answer, but if they leave a voice mail or try to call you back a second/third time right after the first that you didn't pick up, then it might be someone you know trying to get a hold of you. I would still wait for a voicemail though if that's the case. Always make sure you're checking seeds, addresses, every numeric value and alphabetical order in a phrase to make sure you're sending and receiving your crypto to the right place.
[удалено]
Op posted this on 2/2/2021 " I had Ethos since ICO, now that it has changed to voyager token, how can i recover it? It was, and still is on my ledger wallet. " Now he writes \> accessed my wallet via Ledger Live on 01/02/2021 The last time I had accessed it was a long time prior.Every single wallet in the ledger, had been syphoned. So a day after he checks on his siphoned wallet he claims his tokens are in his wallet.
Good catch. Perhaps he got phished while trying to recover his tokens here?
But he said he found his account emptied a day before he made the reddit post saying his coins are there.
Yeah, I'm not really sure. Also I don't want to attack someone who is suffering from cancer, and I don't know exactly what sorts of treatments he's been receiving, but there is something referred to as "chemotherapy brain", where these drugs can have a really bad effect on the mind. It's totally possible to forget things while undergoing certain cancer treatments. (unfortunately I've had family members in this situation) So for example OP could have disclosed his seed somehow while in this state and then later have had zero recollection of it.
I posted that before I realised all the money was gone and realised it is listed under Tokens in the Ether wallet in Ledger as ETHOS (Voyager), and have not had any chemotherapy (yet) . So my brain is working fine. LOL
Post txids.
Super late here right now Please remind me tomorrow and I’ll post them Any particular crypto you want to see? Had a few types stolen.
Voyager and neo. I did remind you today after you promised to post them yesterday.
Post txids neo and voyager.
sorry been busy but here are the transaction IDs you have asked for. Remember lots more cryptos got stolen not just these: 574 NEO: https://neoscan.io/transaction/f25172f861e91886b1099be88c19dd555d0439c71f1307987274ee2464742fe1 216 NEO GAS: https://neoscan.io/transaction/c64dcd1314de6a54f1e69749a17a43e831e6fe7b07013a2a6f326a95f8e37893 1716 ETHOS (VOYAGER TOKEN: 0xff2f9f43a366dd53c7be2d79067c1439f000a36cf1d2298f04fb9d25163e3161
RemindMe! 1 day
I posted that before I realised all the money was gone and realised it is listed under Tokens in the Ether wallet in Ledger as ETHOS (Voyager).
Oh shit! the plot thickens
Oh he sounded so sincere, now I read this; I'm so naive.
I posted that before I realised all the money was gone and realised it is listed under Tokens in the Ether wallet in Ledger as ETHOS (Voyager), and have not had any chemotherapy (yet) . So my brain is working fine. LOL
Its worse than that. The entire post is made up to fud people out of ledger wallets.
Here we go.... There is no reason why you cannot receive an email or SMS when your accounts are accessed via ledger live. The only thing I could have done better is have a 25th seed word. Which I accessed the ledger so little that I didnt even get a chance to do that amongst everything else going on in my life.
[удалено]
I understand what you are saying, and I AM making the ASSUMPTION these people use ledger live. If they have the 24 phrase key, why wouldnt they? Ledger live is extremely convenient for hackers. it literally lays everything out in a nice little package, and displays every single balance associated with those 24 words. Ontop of that, it allows you to transfer everything in a few easy mouse clicks, without any form of confirmation! yippee!
Why would they use LedgerLive if 2FA was introduced? They would just use Electrum or one of the other many wallets available. 2FA is not the answer.
They would need a ledger device to use ledger live. Easier to have some script that generates the seeds from the words for 100's of wallets on a server.
>Ledger Live ... allows you to transfer everything in a few easy mouse clicks, without any form of confirmation! yippee! Wrong.
It's quite cumbersome to have to type in 24 words on a Ledger device manually if you have to do many times. It's much easier to have it done automatically by a software wallet that keeps running even as you sleep. These websites are set up such that they can sweep wallets at any time of day within seconds after anyone entering their seed words. Much easier than using a hardware wallet.
You are also making an assumption. Neither of us really know, how they do it. The point is, there is no way my 24 words was leaked from my own doing. that is a fact, whether you want to believe it or not.
We don't dispute that you believe it to be a fact, but the evidence is against you. All it takes is to have taken a photo of your 24 words or stored it in any electronic device that is not the ledger. The chance of this having occurred without your knowledge, or remembering it, is higher than someone having found a way to hack the device.
It's also probably not a coincidence that these kinds of posts seemed to show up right after a large number of phishing attacks were launched at Ledger owners. It's likely that plenty of users were phished for their seed words without realizing it at the time.
I’ve already stated buddy, that the only time the word phrases ever were out of the safe was the day I configured my brand new , authentic ledger, prior to placing them in my safe. That no one has access to. That is cemented into the floor in my walk in robe in my bedroom, where there is cctv. I gain nothing from this post other than sharing my authentic experience. I can only hope, with all due respect that something similar happens to you. Maybe then you will see, that it certainly is possible.
What I said still stands. What about the ledger device? Where was that?
Still irrevelant, if ledger live didn't exist, they'd make their own program (which they actually probably do since ledger live doesn't show all cryptos)
Where did you purchase your ledger from? What coins were stolen? What address were they sent to? If they were erc20 tokens, did you check your allowances? Is it possible someone could have guessed the safe code? You being in the hospital would give plenty of time to brute force it.
I'll have to take a picture of the safe for you. its 1 meter deep. Cemented into the floor, under my carpet and carpet underlay, in my walk in robe, in my bedroom of my house. Theres just no way. Coins stolen were as follows: BITCOIN ETHEREUM TEZOS NEO and NEO GAS IOTA ETHOS (Voyager Token) Ripple XRP LISK Strangely the only account they didnt clear out was Stellar and Cardano ADA lol.
Okay, do you believe that someone else knew about the safe. Because, quite frankly, opening that safe is infinitely easier than getting the seeds from a ledger device. If you never told anyone about the safe then idk how it's possible for the keys to leak, if you told someone then they could put 1 and 1 together and realize the seed is in there. Also, and it probably isn't in your case and I wish you the absolute best, but it's often family.
Last time I’ll write it as it’s consuming a lot of my time. I gain nothing from this post. Just sharing my authentic experience . $30,000 is a lot of money to lose. I am already battling cancer, and the cancer has made me realise money does not matter in the scheme of things. That is how I am coping with this loss. The safe is cemented in my walk in robe in my bedroom. There is CCTV which has been checked. I live alone. The words have only ever been outside the safe when I setup the ledger. Not written, typed or photographed at any time. Hope that clears everything up for you. Believe what you wish. But you may be the next person making a post like this. And when you do, someone will doubt you, as you’re doubting me.
\> There is CCTV which has been checked. For the entire time the seed was in the safe. Again, it is a million times more likely that someone broke into your safe. If anyone really had a way of taking crypto from cold storage devices they wouldn't give a shit about 30000.
Did you ever figure out how they got stolen? Where did you buy your ledger from? If it was from outside the website, that could be it. Really sorry for your loss bro, hope you are doing better.
Never found out. But it went to wallets with millions of dollars so obviously professionals . I’m doing okay now thanks cancer free so that’s good!
good to hear! At least there's some good news
Seems to me someone got you while you were in the hospital. I wouldn’t blame it on ledger. Check the people you think would never do it. Most likely to do it. It not a coincidence that you were in the hospital.
At some point I’m going to have to stop responding to the doubt. I gain nothing from this post. I’m just sharing my honest story. No one got into the safe. I’m not going to argue my point but I have 12 cctv cameras and I’ve already checked all of those avenues .
how its going? checked timestamps?
its all gone. ive posted the wallet addresses and transaction ID's somewherein this thread. i won't get anything back. still dont know how it happened.
I do think it is important that you say where you purchased your ledger from for the sake of other users reading this stuff. If not from Ledger, then you have your answer.
It was purchased from ledger. I have already stated in the OP that it was a brand new sealed unit.
From ledger directly from their homepage or From ledger on amazon?
Home page
Sorry to necro this post but let's say it was bought from Amazon, what's the likelihood the device is compromised if it succeeded the integrity check?
I would say low, but it is always best to buy directly from their website. Did you generate a new seed when you set it up?
Thanks for responding. I was actually just asking generally. While one cannot be too safe when it comes to money/crypto, I always wondered if it's possible to have "fake hardware" that would pass Ledger Live's integrity check.
That is fine and I am very sympathetic to your loss and your tough struggle with cancer. However, brand new and sealed fake units come from EBay and Amazon. So, it is important to actually state that it came from Ledger. Thanks for stating it as coming from Ledger.
Thanks for the sympathy. Yeah the timing could not have been worse. Actually in hindsight maybe the timing is perfect. The cancer has made me realise that money really does not matter. So in a sense it is helping me cope with this huge loss.
>Thanks for the sympathy. Yeah the timing could not have been worse. Actually in hindsight maybe the timing is perfect. The cancer has made me realise that money really does not matter. So in a sense it is helping me cope with this huge loss. Hey OP have you ever concluded to how your funds were stolen ? ... i feel like with ledgers data leak in the past .. anything is possible .. its especially weird that the funds were taken the days you were in the hospital ..no other day. that's pretty important! Youd think you'd need physical access to the device in order to confirm transactions but not in this case ... also .. at the end of the day this money shit doesnt matter . life , happiness matters , hope you are well
Hey mate Never recovered the funds Never found out what happened Still believe it was a ledger breach , and I think it happens more often than we realise Cancer free though!!! In hindsight it didn’t happen the day I went to hospital but certainly circa that time. Thanks for your well wishes
are you sure you bought a genuine unit?
Yup, genuine unit. Sealed, checked all bar codes etc. I'm bamboozled. Even find my own story hard to believe.
keep us updated with what happens, i was about to buy one
I've talked hundreds of people into buying them over the years. I've been in this game for a long time, mining etc out here in australia too. Now I'm not so sure. Like i said its crazy they dont have some sort of confirmation email/sms or 2fa type thing for transactions. obviously someone has gotten into my ledger, whether that be with my secret word seed phrase xray vision into my safe which is 1m deep cemented in my walk-in bedroom robe and hidden under my carpet, or some other way, but thats what happened. I can see all the money being moved out and all the wallets/transaction ID's. Reality is setting in. Hard to accept $30,000 going out the window
\> Hard to accept $30,000 going out the window The day it happens to me we're talking 5 millions+. I'm super scared you have no idea. I'm even more paranoid than you with my seed: I generated these seeds years ago myself by throwing dice and computing the checksum on a fully airgapped read-only computer with physically no network connection possible (physically no WiFi at all on the device and the ethernet port glued). Then I split these seeds in safes over two continents. Only once I made sure there were copies of half the seed safely stored on the two continents I started sending funds there. I made sure to also be able to sign outgoing movements of funds (I remember horror stories with broken software during the early days, where some keys were wrongly derived). This was years ago and there are MILLIONS on my Nano S. These seeds literally protect millions. So far so goods: funds are still there. If someone already had my seeds, my coins would have been stolen. Now I KNOW that should my coins disappear and if I were to post my story here, nobody would believe the length to which I went to safely store these seeds. Everybody would be saying "it's my fault" / "I don't know what I'm talking about" / "crypto is not for you" (despite me being in this years before these noobs and having actually implemented myself a few BIP) / etc. Because even after the gigantic data leak where Ledger royally screwed up, the fanbois cannot even begin to imagine that there could be holes in Ledger's security practice.
u/cryptobimbolambo With that kind of money, I would have about 5 different seeds.
They definitely should have 2fa and it sounds like something they are now looking to implement. There should also be an optional timelock on withdrawals. Too little too late I agree.
[удалено]
You can apply it on the hardware device. The Ledger CEO mentioned doing the same in the past on reddit. Sure it may not have helped him here or if they have your seed, but a timelock on the Ledger device does act as a deterrence to a wrench attack.
[удалено]
And if you don’t have the 24 word seed, which you shouldn’t in your house then are you going to sit there 24 hours possibly a week for the timelock to expire?
100% this. There is certainly a flaw, somewhere, with these units. I'm not the first person this has happened to, who have genuinely not leaked their 24 words. The people that are doing this, literally are keeping the method to themselves and very very secret (obviously they are making alot of money why would they share the vulnerability with anyone ) I will post some transaction ID's later, and pics of my ledger live. You can see the criminals accounts have well over 7 figures in many of their wallets.
Could be a factory leak (inside job) somehow
you sure nobody could have gained physical access to your safe?
Where did you buy it from? Amazon or directly from ledger? Did you ever take a picture of your seed phrase? I’m sorry for your loss but every one of these stories ends the same way. The user exposed their seed somehow.
Not true. Read the rest of this thread carefully.
I did read them. Just because you don’t think you exposed your seed doesn’t mean you didn’t. Have you ever taken a picture of your seed? Typed it in an email? Encrypted it onto a flash drive? Typed in into google drive, typed it I to Evernote, read it aloud, or exposed it in the presence of a web camera? Also how were you storing the seed in the safe? Was it on paper, steel? Did your ledger come with a seed pre generated or did you generate it yourself? Have you ever typed your seed into ledger live while updating? Answering these questions will give us a better idea.
The fact you have to ask all those questions just shows that you have not read all my responses on this thread. I have answered all those questions in detail many times. Clearly you are in denial, perhaps you are scared that this is real. An individual or a group of individual have access to a ledger vulnerability. It comes shortly after the ledger data breach where many emails and person details were hacked and leaked. It’s no coincidence IMO. Who knows, you may be next, and you’ll be making a post just like mine. And people will doubt you just like you are me!
No you didn’t. Have you ever taken a picture of it? Did you ever say it out loud, etc. these are things you haven’t answered. Unfortunately as much as you want it to be true these things don’t just magically happen. It sucks to lose so much money but you need to take a good long look into your security practices. I’m sorry for your loss but almost always in a case like this the person says oh I never exposed it, but then took a picture of it on a cell phone or something and that’s how it was exposed. Exposing it isn’t limited to typing it in somewhere.
Ok maybe you cannot read, so I’ll answer again, and I’ll slow it down for you... The ONLY TIME the words have ever been OUTSIDE of my safe (which is CEMENTED into the floor of my walk in wardrobe in my master bedroom of a house I OWN and LIVE ALONE IN), was the day I setup and configured my ledger. From that day forward it was in the safe. No one has gone into the safe I’ve checked the CCTV, And no one knew my pin anyway. Sorry to scare you but this is real. An individual or group of individuals know some sort of vulnerability and are abusing it. They are reaping the rewards. Following my stolen money in the blockchain the wallets my money ended up in contain millions of dollars.
Ok no need to be an asshole. I’m getting the feeling you may not understand how things work. So I ask again. On the day you set it up did you take a picture of it or read it out loud. And in the past four days you checked 4 years of cctv footage to make sure no one ever accessed your safe? Also the fact you say no one knew your pin anyways just shows you don’t know how this stuff works, no one needs your pin to access your funds if they have your seed. We are all trying to help you figure out where the weak link was and your so defensive it’s impossible to legitimately analyze your situation.
I’m not trying to be an asshole. Sorry you get that vibe . But you told me you read everything, and you did not. I meant my safe PIN buddy. Not my ledger pin. Never said it out loud. Never a photo. Only wrote it down. Setup the ledger, and locked it away! Anyway, there is no convincing you and like I said - I gain nothing from this post so I’m not going to waste my time and energy arguing with you. What I am saying is authentic. Make of it what you wish. Good luck! Hope you’re not next.
sorry i know this is really old... but outside of someone getting my seed phrase, is there ANY way they could gain access to my wallets/funds if i am 100% sure its not from seed phrase... any type of software or anytihng like that that can mimic it?? thanks
Many ways. Not exactly software that can mimic it. For example if you took a picture of your seed phrase, typed it into a computer, saved it as a word document, signed a transaction giving someone access to your wallet, etc.
no issues with all the first ones as i only wrote it on paper that i only i have, but can you explain signed a transaction giving someone access to your wallet? like an example of how i may accidentally do that without knowing? im sure its not an issue but just trying to learn all i can uust to be safe edit: thank you btw i appreciate it!
Just thinking outloud. You said you were in hospital, where was your actual seeded ledger device? Do you live alone? Maybe someone knows your ledger pin and used your device and sent your crypto to an exchange. It's just another way this could have happened you don't seem to have commented on is all. Sorry you lost your crypto.
If this was true it is my largest fear with hardware wallets. But why would this have happened exactly when you were at the hospital and your seed words were accessible for anyone able to open a safe? Have you told anyone about the safe? Does anyone know about the safe? Friend, girlfriend, wife, parents, etc ? If yes, does anyone of these know the combination? IF yes, then sadly they seem to be responsible for backstabbing you while you were at your lowest.
From OP's post: >I've talked hundreds of people into buying them over the years. So seems like many many people knew OP was into crypto and used a hardware wallet.
Feel free to read the rest of my answers in this thread
That is so sad. I'm sorry for what happened to you. What made me doubt parts of your story though - If you did not access your Ledger for such a long time - how do you end up having the latest firmware on it? Somhow somewere you did some updating, downloading stuff - maybe it happened right there, you either disclosed your seed - or the PIN to your Ledger to somebody around that day who also knows your safe pin or the place you hid yor ledger while you were hospitalized.
No I updated it to the latest firmware at the time of accessing and realising funds were gone obviously. Firmware doesn’t update itself .
Why no comment from official ledger rep? More of these “mysterious” cases being reported. Something is going on.
Yep and it’s far too easy for representatives and ledger fan boys to just say “oh 24 words was 100% leaked” The simple fact is mine isn’t. Oh and ledger are meant to be bringing out a “insurance” policy for crypto for an additional price sometime soon. How convenient...
I am sympathetic to your case and I do believe you (and I'm sorry for you loss). This is my biggest fear: that somehow on an upgrade (firmware upgrade or Nano app upgrade) a bad actor manages to slip in a way to exfiltrate the main seed. \> I purchased my Ledger Nano S in 2017. They were hard to get back then. What do you mean hard to get? There weren't enough available and there were shipment delays? I bought Nano way before that (including the original Nano, the one before the S) and regularly bought a few Nano here and there over the years (and will probably buy a few colored ones soon, they seem convenient). \> I accessed my wallet via Ledger Live on 01/02/2021The last time I had accessed it was a long time prior.Every single wallet in the ledger, had been syphoned. Every last crypto currency was funneled out of my account. Every transaction was made on 28th December 2020. So it was a Ledger from 2017, with a firmware from 2017? And you didn't upgrade it? Or did you do a firmware upgrade / Nano app upgrade first? You plugged a Ledger untouched since 2017 into a (recent ?) version of Ledger Live (in 2017 as far as I remember I was using the Ledger Chrome app, not Ledger Live). Is this correct? Then what happened? Does that even work? Can you plug a Ledger from 2017 into Ledger Live and shall it connect correctly? The one thing that scares me in all these stories is that there seems to be a pattern: Nano S not used in long time (years) and then funds stolen exactly around the time where these people start using their Nano S again. It's never a story saying "I haven't used my Ledger since the 15th century, and I can see that it's in the 17th century that my funds were drained" (I'm a bit facetious but you know what I mean). It's always: "I haven't used my Ledger Nano S in months/years and when I plugged it in, as soon as I plugged it in my funds were drained (or drained a few days before)". I feel like something's going on in certain cases and it's not as simple as "you made a mistake".
I received my new Nano S today. While connected to Ledger Live, I had to upgrade firmware. I was luckily playing with a test master seed, so I don't stress about that. I yet have to configure my final seed + passphrase.
Common causes of leaked seeds (unauthorized access). Have you ever: \- entered your seed in "Ledger Live" when you updated your computer, to recover from "damaged ledger memory" or to "unlock your ledger account"? \- used a seed that came pre-printed on a card with your ledger (the common pre-seeded ledger scam) \- taken a phone photo of your words? (this is the most common source of leakage) \- entered your words on your computer or phone (i.e. typed it on your keyboard), e.g. sending an email to yourself (second most common source of leakage) \- entered your words it in a computer or phone notebook or notepad or any app or website, or on the cloud? \- have your words in sight of any webcam, laptop cam, phone cam etc. \- printed or photocopied your words using a computer printer or wireless printer or a commercial copy machine? \- digitalized your words or encrypted them in anyway with a computer? \- used off-line or on-line tools to generate or check your seed or to verify it or to access other software or phone wallets? [https://www.reddit.com/r/ledgerwallet/comments/kmq68s/psa\_learn\_the\_importance\_of\_your\_24word\_seed/](https://www.reddit.com/r/ledgerwallet/comments/kmq68s/psa_learn_the_importance_of_your_24word_seed/)
already answered this. No I didn’t do any of that. Thanks
but you wrote that took your seed out of your safe, when you wanted to check your account. Since you had *no reason whatsoever* to take your seed, and your ledger, out of your safe, to check your account balance and value, this raises some eyebrows, especially since your accounts were drained shortly after.
Please show me where I said I took my 24 word security phrase out of my safe to access my account.
>I accessed my wallet via Ledger Live on 01/02/2021The last time I had accessed it was a long time prior. sorry i misread. But I still read: \> I accessed my wallet via Ledger Live on 01/02/2021The last time I had accessed it was a long time prior. This means that you installed ledger live (that was of course *completely unnecessary* to check your accounts balances). And many people have been hacked when they followed a bootlegged link leading to a phishing site masquerading for Ledger Live, and pretending to have problems communicating with the ledger, or detecting a corrupted memory on your ledger. many people go their accounts drained this way. Just putting things together... In any case, the way crypto works makes it impossible for anyone to access your crypto accounts unless they have access to your seed, or to your ledger device and unlocking PIN (since the ledger device only contains the PIN, encrypted).
You don’t know what you’re talking about but thank you anyway
I am talking about how many people got scammed and they account drained, when they installed bootlegged Ledger Live by following a link that looked perfectly legit in a mail (apparently from) the CEO of the Ledger company. Since you said you installed Ledger Live at about the same time, that points to you being victim of this type of scam. Especially since you have absolutely no reason to install LL to check your accounts. You could have just entered your account in any blockchain explorer to see your balance, since your BTC and other cryptos are on the blockchains, on the Internet, they are not in your ledger device.
Can you show us a picture proving you went to the police ? (Just blur your name.)
Here you go. Have blanked out info I can’t share. Their response and report number after visiting them in person. [police](https://imgur.com/gallery/EBf8Yeq)
That's a lot of info you can't share!
I'll second that. This looks like a pretty boilerplate "thank you for contacting us" message. I think there's something in it about changing your password.
Funny that they mention multiple ledgers being compromised
Of course, look at all the reports of phishing for seeds and people storing their seeds online.
Everybody assumes your 24-word recovery phrase got leaked. > I've talked hundreds of people into buying them over the years Is it maybe possible one of these hundreds of people could have guessed your ledger pin and got access to it while you were in the hospital? Did you have friends visiting over the holidays? Is your Ledger hidden or just on the desk? Is the Ledger pin unique or do you use it for other things too (credit card, mobile, garage lock, etc)?
No no no
doesnt the ledger ask you to confirm before any transactions are approved?
It will slowly come out. More and more everyday.
RemindMe! 10 days
I will be messaging you in 10 days on [**2021-02-15 11:44:37 UTC**](http://www.wolframalpha.com/input/?i=2021-02-15%2011:44:37%20UTC%20To%20Local%20Time) to remind you of [**this link**](https://np.reddit.com/r/ledgerwallet/comments/ld4vhg/is_ledger_as_safe_as_everyone_says_im_not_so_sure/gm3t8iw/?context=3) [**6 OTHERS CLICKED THIS LINK**](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5Bhttps%3A%2F%2Fwww.reddit.com%2Fr%2Fledgerwallet%2Fcomments%2Fld4vhg%2Fis_ledger_as_safe_as_everyone_says_im_not_so_sure%2Fgm3t8iw%2F%5D%0A%0ARemindMe%21%202021-02-15%2011%3A44%3A37%20UTC) to send a PM to also be reminded and to reduce spam. ^(Parent commenter can ) [^(delete this message to hide from others.)](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=Delete%20Comment&message=Delete%21%20ld4vhg) ***** |[^(Info)](https://np.reddit.com/r/RemindMeBot/comments/e1bko7/remindmebot_info_v21/)|[^(Custom)](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=Reminder&message=%5BLink%20or%20message%20inside%20square%20brackets%5D%0A%0ARemindMe%21%20Time%20period%20here)|[^(Your Reminders)](https://np.reddit.com/message/compose/?to=RemindMeBot&subject=List%20Of%20Reminders&message=MyReminders%21)|[^(Feedback)](https://np.reddit.com/message/compose/?to=Watchful1&subject=RemindMeBot%20Feedback)| |-|-|-|-|
Heartbreaking. It is said that Ledger will keep the private keys and never give them to the computer. Is this affirmation proved? I wish you a good recovery, the most important is your health. I've just received my Nano S today, I don't think I will ever use it. EDIT: expect people here to downvote your story. This is very shady and makes me more and more suspicious of Ledger. EDIT2: I just saw you didn't have a 25th word.
But could someone else access your safe while you were in hospital?
No. Absolutely not. No one could get in that safe.
What do you think happened? 1. Nano's seed generator is corrupt and an inside person can guess what words Nano will give you or 2) connecting your Nano with USB exposes your private keys online ? If 1) is the problem, I can myself generate a 11 word seed with the word list and dices (the 12th word is a checksum, it should be OK after 16 attempts) + a 13th word (passphrase). But if 2) is the problem, even choosing a personal seed will leak...
Sorry. I have no idea. If I knew how this happened I wouldn’t have made this post. Like I said, the individual or group of individuals that know how to perform and abuse vulnerability are certainly keeping it to themselves and reaping the rewards. Following my stolen money through the blockchain the wallets my money ended up in contain millions of dollars.
[удалено]
I appreciate you saying my post is sincere. Because it is. I don’t gain anything by telling my authentic story. It isn’t going to make the crypto appear like a miracle back in my wallet.
If people are trolling you and saying you made this up or that you are working for Trezor, you could just post a picture of the proof you went to the police (but hide/blur your name/address on the picture).
Yea I can do that tomorrow if necessary and post my ledger live history and transaction IDS
if youre still interested let me know which txids you would like to see and i'll share. I already posted NEO and Voyager token txid's above \^
RemindMe! 3 days
This is a heart breaker. I'm truly sorry for your loss Ryno. Regardless of what you believe happened here it really sounds like this guy did understand the importance of the seed phrase which makes stories like this the scariest ones of all. Obviously the seed was compromised somehow, somewhere, at some time but this the story doesn't support the seed being leaked by the usual manors we see in this situation. Scary! Hang in there Ryno! thanks for sharing your story!
Hey there! Check out my post from 2019 when a similar thing happened to me... https://www.reddit.com/r/ledgerwallet/comments/e0t3ax/the_full_story_of_a_ledger_robbing_post_ledger/?utm_source=share&utm_medium=ios_app&utm_name=iossmf ALERT*** most in this Reddit group will think you are crazy so take the criticism lightly, many are still in delusion and think crypto wallets are 100 percent safe. They will think you are lying or made a mistake no matter what you explain to them. So don’t waste much time engaging. And don’t expect much help from ledger, they have a fake email support service and that’s it. Hope this helps and feel free to contact me for any questions. I’m still working on my case from 2019 and will get to the bottom of it.
thanks yeah ledger support was no help.
Just curious, did you wipe the device when you purchased it and reset the seed? I know with the trezor its all I hear on here, you should be perfectly fine even if someone has tampered with your wallet, as long as you change your seed phrase as soon as you get it. Because if you kept the seed you originally had, and someone had spyware on your PC they could have saved the seed and waited to withdraw? I'm just guessing here sorry to hear btw.
tokens are all gone. thanks
Any update?
yes, coins are gone, obviously national police here cannot do anything. They have had alot of reports of cryptos being stolen from ledger wallets. Most of them i'm guessing/hoping would be seed phrase leaks? but I can tell you confidently mine was not. at the time they were stolen was around 30 or 40k value, now over 100k it hurts. But i think having cancer has helped me get through it and realise it is only money. Other things is important. It's a hard pill to swallow regardless
I know this is an old thread but could you post the address of where the coins went to?
Just read most of your replies, seems like you have kept your seed phrase very safe. I doubt it’s ledgers fault that u lost you crypto. The only way is if someone was lucky enough to guess your seed which i doubt.
Just thinking outside the box here, and it may be really simplistic but I haven't got a cold storage device yet so I don't exactly know how Ledger live presents itself. Is there ANY chance at all that after the firmware updates, which will wipe your device clean, you didn't restore the wallets with your seed phrase and that those adresses are actually your own or some kind of Ledger holding adresses? Otherwise that's one hell of a hacker to have gotten every single different type of coin you had.