通过提示他们提供恢复短语，发布在Discord将分类帐用户中发布的假消息。

这次重大攻击背后是人为错误和强大的操纵。 Changpeng Zhao发出警报……我们真的为这些新形式的黑客准备了吗？

A fake message posted on Discord on May 10 trapped Ledger users by prompting them to provide their recovery phrase. Behind this major attack lies a human error and a formidable manipulation. Changpeng Zhao sounds the alarm… Are we really prepared for these new forms of hacking?

5月10日在Discord上发布的虚假消息通过提示他们提供恢复短语，来捕获的分类帐用户。这次重大攻击背后是人为错误和强大的操纵。 Changpeng Zhao发出警报……我们真的为这些新形式的黑客准备了吗？

A Compromised Moderator and a Fake Message Broadcast

折衷的主持人和一个假消息广播

On May 11, a hacker took control of a contractor moderator account on Ledger’s Discord server. This account, usually used for community engagement, allowed the attacker to broadcast a message announcing an alleged critical security flaw. The message directed members to a fraudulent link, urging them to enter their recovery phrase.

5月11日，黑客控制了Ledger的Discord Server上的承包商主持人帐户。该帐户通常用于社区参与，允许攻击者广播宣布涉嫌关键安全缺陷的消息。该消息将成员引向欺诈性链接，敦促他们输入恢复短语。

This type of phishing relies on social engineering: it causes panic to push the user to make an irreversible mistake. By hijacking the apparent authority of a legitimate moderator, the attacker exploited a trust lever rarely questioned on these platforms.

这种类型的网络钓鱼依赖于社会工程：这会使恐慌推动用户犯不可逆的错误。通过劫持合法主持人的明显权威，攻击者利用了在这些平台上很少受到质疑的信托杠杆。

Ledger’s Quick Response and Security Enhancement

Ledger的快速响应和安全性增强

Just a few hours after the fraudulent message was posted, Ledger reportedly identified and neutralized the threat. The company deleted the compromised account, blocked the malicious link, and launched a cleanup operation on its Discord server. Additionally, it announced a series of corrective measures:

在发布欺诈性消息后仅几个小时，据报道，莱杰（Ledger）确定并中和威胁。该公司删除了折衷的帐户，阻止了恶意链接，并在其Discord服务器上启动了清理操作。此外，它宣布了一系列纠正措施：

These actions reflect a commitment to transparency and rigor against a flaw exploited through a community channel previously considered secondary in cybersecurity arsenals.

这些行动反映了对通过以前被认为是网络安全武器库中次要的社区渠道利用的缺陷对透明和严格的承诺。

Changpeng Zhao Calls for Vigilance on Social Networks

Changpeng Zhao呼吁在社交网络上保持警惕

Following the attack, Changpeng Zhao (CZ) warned the community about increasing risks related to social account compromises. According to him, these accounts often represent the most accessible entry point for cybercriminals. Ledger immediately supported his message, relaying essential recommendations on its X account. Together, they remind that:

袭击发生后，Changpeng Zhao（CZ）警告社区增加了与社会帐户妥协相关的风险。据他说，这些帐户通常代表了网络犯罪分子最访问的入口点。 Ledger立即支持他的信息，并在其X帐户上传达了基本建议。他们一起提醒：

This coordinated communication between CZ of Binance and Ledger showcases the ecosystem’s maturity facing informational threats and could well drive the BNB price upward.

这种Binance和Ledger之间的这种协调的沟通展示了面临信息威胁的生态系统的成熟度，并且很可能会推动BNB价格上涨。

An Incident Revealing the Increasing Sophistication of Attacks

一个事件揭示了攻击越来越复杂的事件

The Discord case is part of a series of increasingly sophisticated attacks targeting Ledger. In April, some users received letters by mail containing a QR code, allegedly sent by the brand, which actually redirected to a phishing site. These practices may be linked to the massive data breach Ledger suffered in 2020. The attack vectors are diversifying:

不和谐案例是针对分类帐的一系列越来越复杂的攻击的一部分。 4月，一些用户通过邮件收到包含QR码的信件，该QR码实际上是由该品牌发送的，该码实际上是重定向到网络钓鱼网站的。这些做法可能与2020年遭受的大规模数据泄露分类帐有关。攻击向量正在多样化：

These methods exploit unexpected channels to circumvent the digital vigilance of informed users. This evolution forces the entire industry to revise its defensive strategy by incorporating hybrid and more insidious scenarios.

这些方法利用意外的渠道来规避知情用户的数字警惕。这种进化迫使整个行业通过纳入混合动力和更阴险的场景来修改其防御战略。

This incident demonstrates that even the most established players remain vulnerable to targeted attacks, similar to the recent Bybit hack. Responsibility no longer rests solely on platforms but on the entire crypto community. How far will we have to go to secure spaces originally designed to foster exchange and trust?

这一事件表明，即使是最成熟的球员仍然容易受到针对性攻击的影响，类似于最近的bybit hack。责任不再仅仅取决于平台，而是在整个加密社区。我们必须走多远才能确保最初旨在促进交换和信任的空间？

Maximize your Cointribune experience with our "Read to Earn" program! For every article you read, earn points and access exclusive rewards. Sign up now and start earning benefits.

通过我们的“阅读赚取”计划最大化您的共同成员体验！对于您阅读的每篇文章，请赚取积分并获得独家奖励。立即注册并开始赚取福利。