The hacker claiming to be selling user databases from top hardware wallet manufacturers Ledger, Trezor, and KeepKey appears to actually be peddling bunk, according to SatoshiLabs.
On May 24, cybercrime monitoring blog Under the Breach reported that a hacker had begun advertising the customer databases of popular hardware wallet companies for sale. The data purportedly included the full names and physical addresses for over 80,000 user accounts.
Under the Breach tweeted screenshots suggesting that the hacker obtained the databases by exploiting a vulnerability of popular e-commerce platform Shopify.
“Don’t offer me low dolar, only big money allowed,” the hacker warns prospective bidders.
Trezor refutes hacker’s claims
SatoshiLabs is the team behind Trezor, and a company rep told Cointelegraph that Trezor had gotten ahold of sample data for the supposed database and found “no Trezor customer data included in the offered database.”
Trezor’s initial investigation concluded that “the content and structure of the leaked data does not correspond to the data from the Trezor e-shop and looks more likely to be fabricated.” The spokesperson added that “the whole incident seems like a scam.”
Slush, the pseudonymous chief executive of SatoshiLabs, said, “We take data privacy very seriously at SatoshiLabs. By anonymizing the data in our e-shop after 90 days, we minimize the impact of such a breach. I would like to assure our customers that their data is being treated as highly sensitive.“
A spokesperson for Shopify also told Cointelegraph that an investigation into the purported vulnerability found “no evidence of any compromise of Shopify’s systems.”
Scammer poses as hacker
After adding the popular hardware wallets to his advertisement for stolen data, the hacker now claims to offer customer databases of 18 total virtual currency firms, having first posted the ad on May 17.
But based on investigations carried out by the companies whose databases are supposedly available for purchase, the hacker’s entire bazaar of stolen account information is probably fabricated.
Mexican crypto trading platform Bitso, one of the companies previously named in the hacker’s list, has also refuted the validity of the cybercriminal’s claims, asserting that its investigations “have not found evidence that a third party has sufficient information to access our customers’ accounts.”