Ledger Discord Hack: Users Warned of Phishing Scam

Changpeng Zhao, the founder of Binance, issued a warning to users about the risks of platform-based attacks following a recent hack on Ledger's Discord server. On May 11, Ledger confirmed that its Discord server had been compromised by a hacker who used a moderator’s account to post malicious links. These links directed users to a phishing site that requested their 24-word recovery phrases, which, if entered, would grant attackers direct access to the users' crypto funds.

The breach began when attackers took control of a contracted moderator’s account. A malicious bot was then used to send false alerts claiming a serious security flaw had been discovered. Users were urged to confirm their recovery phrases through a fake link. Although the bot was removed quickly by staff, some community members were muted or banned for reporting the issue, and users received no prior warning about the fraudulent messages. This delay allowed more users to fall victim to the scam, exacerbating the damage caused by the Ledger Discord hack.

Hardware wallets, like those produced by Ledger, rely on offline protection to secure private keys. However, the Discord breach demonstrated that online channels can undermine this security. While the Ledger device itself remained intact, attackers exploited platform permissions and user trust. Changpeng Zhao shared a warning about these risks on X, highlighting the dangers of community platforms and social media. He urged users to stay vigilant against social engineering and phishing attacks, emphasizing the need for better user education and platform defenses.

Ask Aime: "Has Binance been hacked? How do I secure my crypto wallet?"

This incident is not the first time Ledger users have faced scams. In April, attackers sent official-looking letters asking owners to scan a QR code, which led to a phishing site requesting recovery phrases. The letters mimicked Ledger’s branding and address to appear authentic. It is unclear if the scammers used customer data leaked in the 2020 breach of over 270,000 accounts. This series of events underscores how crypto scams are becoming more sophisticated and utilizing multiple channels. Users must remain alert to both digital and physical threats.

Messaging apps like Discord, which many blockchain projects use to connect with users, often lack strong security governance. Hackers gaining moderator access, as seen in the Ledger Discord hack, can pose serious threats. As self-custody gains popularity, educating users about phishing and social engineering is crucial. Simple technical security measures cannot stop every human-based attack. Projects must strengthen both platform controls and user awareness to reduce risk.

The phishing messages in the Ledger hack were designed to look convincingly official. Screenshots showed the hacker posing as a Ledger community manager, warning of a “recently discovered vulnerability” and urging phrase verification. The scam website mimicked a real Ledger verification page, and users who entered their recovery phrases gave attackers sensitive credentials. This combination of technical tricks and psychological pressure made the scam particularly dangerous and difficult to detect. Victims often do not suspect such well-crafted scams until it is too late.

The Ledger hack highlights the need for better communication and proactive measures from companies. While Ledger has not confirmed whether any users lost funds in this hack, the incident underscores the importance of users never sharing their recovery phrases and always verifying links before entering sensitive data. Both phishing links in chats and letters pose significant threats. Crypto asset security requires effort from both companies and users. Staying informed and cautious is now as vital as holding one's private key.