通過提示他們提供恢復短語，發佈在Discord將分類帳用戶中發布的假消息。

這次重大攻擊背後是人為錯誤和強大的操縱。 Changpeng Zhao發出警報……我們真的為這些新形式的黑客準備了嗎？

A fake message posted on Discord on May 10 trapped Ledger users by prompting them to provide their recovery phrase. Behind this major attack lies a human error and a formidable manipulation. Changpeng Zhao sounds the alarm… Are we really prepared for these new forms of hacking?

5月10日在Discord上發布的虛假消息通過提示他們提供恢復短語，來捕獲的分類帳用戶。這次重大攻擊背後是人為錯誤和強大的操縱。 Changpeng Zhao發出警報……我們真的為這些新形式的黑客準備了嗎？

A Compromised Moderator and a Fake Message Broadcast

折衷的主持人和一個假消息廣播

On May 11, a hacker took control of a contractor moderator account on Ledger’s Discord server. This account, usually used for community engagement, allowed the attacker to broadcast a message announcing an alleged critical security flaw. The message directed members to a fraudulent link, urging them to enter their recovery phrase.

5月11日，黑客控制了Ledger的Discord Server上的承包商主持人帳戶。該帳戶通常用於社區參與，允許攻擊者廣播宣布涉嫌關鍵安全缺陷的消息。該消息將成員引向欺詐性鏈接，敦促他們輸入恢復短語。

This type of phishing relies on social engineering: it causes panic to push the user to make an irreversible mistake. By hijacking the apparent authority of a legitimate moderator, the attacker exploited a trust lever rarely questioned on these platforms.

這種類型的網絡釣魚依賴於社會工程：這會使恐慌推動用戶犯不可逆的錯誤。通過劫持合法主持人的明顯權威，攻擊者利用了在這些平台上很少受到質疑的信託槓桿。

Ledger’s Quick Response and Security Enhancement

Ledger的快速響應和安全性增強

Just a few hours after the fraudulent message was posted, Ledger reportedly identified and neutralized the threat. The company deleted the compromised account, blocked the malicious link, and launched a cleanup operation on its Discord server. Additionally, it announced a series of corrective measures:

在發布欺詐性消息後僅幾個小時，據報導，萊傑（Ledger）確定併中和威脅。該公司刪除了折衷的帳戶，阻止了惡意鏈接，並在其Discord服務器上啟動了清理操作。此外，它宣布了一系列糾正措施：

These actions reflect a commitment to transparency and rigor against a flaw exploited through a community channel previously considered secondary in cybersecurity arsenals.

這些行動反映了對通過以前被認為是網絡安全武器庫中次要的社區渠道利用的缺陷對透明和嚴格的承諾。

Changpeng Zhao Calls for Vigilance on Social Networks

Changpeng Zhao呼籲在社交網絡上保持警惕

Following the attack, Changpeng Zhao (CZ) warned the community about increasing risks related to social account compromises. According to him, these accounts often represent the most accessible entry point for cybercriminals. Ledger immediately supported his message, relaying essential recommendations on its X account. Together, they remind that:

襲擊發生後，Changpeng Zhao（CZ）警告社區增加了與社會帳戶妥協相關的風險。據他說，這些帳戶通常代表了網絡犯罪分子最訪問的入口點。 Ledger立即支持他的信息，並在其X帳戶上傳達了基本建議。他們一起提醒：

This coordinated communication between CZ of Binance and Ledger showcases the ecosystem’s maturity facing informational threats and could well drive the BNB price upward.

這種Binance和Ledger之間的這種協調的溝通展示了面臨信息威脅的生態系統的成熟度，並且很可能會推動BNB價格上漲。

An Incident Revealing the Increasing Sophistication of Attacks

一個事件揭示了攻擊越來越複雜的事件

The Discord case is part of a series of increasingly sophisticated attacks targeting Ledger. In April, some users received letters by mail containing a QR code, allegedly sent by the brand, which actually redirected to a phishing site. These practices may be linked to the massive data breach Ledger suffered in 2020. The attack vectors are diversifying:

不和諧案例是針對分類帳的一系列越來越複雜的攻擊的一部分。 4月，一些用戶通過郵件收到包含QR碼的信件，該QR碼實際上是由該品牌發送的，該碼實際上是重定向到網絡釣魚網站的。這些做法可能與2020年遭受的大規模數據洩露分類帳有關。攻擊向量正在多樣化：

These methods exploit unexpected channels to circumvent the digital vigilance of informed users. This evolution forces the entire industry to revise its defensive strategy by incorporating hybrid and more insidious scenarios.

這些方法利用意外的渠道來規避知情用戶的數字警惕。這種進化迫使整個行業通過納入混合動力和更陰險的場景來修改其防禦戰略。

This incident demonstrates that even the most established players remain vulnerable to targeted attacks, similar to the recent Bybit hack. Responsibility no longer rests solely on platforms but on the entire crypto community. How far will we have to go to secure spaces originally designed to foster exchange and trust?

這一事件表明，即使是最成熟的球員仍然容易受到針對性攻擊的影響，類似於最近的bybit hack。責任不再僅僅取決於平台，而是在整個加密社區。我們必須走多遠才能確保最初旨在促進交換和信任的空間？

Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.

通過我們的“閱讀賺取”計劃最大化您的共同成員體驗！對於您閱讀的每篇文章，請賺取積分並獲得獨家獎勵。立即註冊並開始賺取福利。