- Discord server compromised, phishing attack targets user data.
- Ledger quickly contained the breach.
- User seed phrases at risk; no protocol-wide losses.
Ledger’s Discord server was compromised on May 11, 2025, when a moderator’s account was hijacked, initiating a phishing attack to steal user seed phrases.
Phishing Attack Details
The breach involved a phishing attack that began by exploiting a moderator’s Discord account. Ledger’s team swiftly removed the malicious bot and secured the compromised channels. Users were cautioned against entering recovery phrases via Discord links.
The issue was quickly contained: the compromised account was removed, the bot was deleted, the website was reported, and all relevant permissions were reviewed and secured,” noted Quintin Boatwright, a staff member at Ledger.
The phishing scam primarily threatens private users’ seed phrases, potentially giving attackers control over various digital assets secured via Ledger wallets, such as BTC and ETH.
No immediate financial losses or large-scale shifts in market liquidity were reported following the attack. Concerns linger among users regarding personal security and the robustness of platform defenses in such settings.
Security Enhancements and Responses
The episode serves as a reminder of similar past incidents, like the 2020 Ledger data breach, underscoring the persistent threats posed by social engineering in crypto spaces.
Increased focus on enhancing security systems, improving user education, and monitoring official communication channels may emerge as necessary responses to protect users from continuing phishing threats.
