/biz/ - Business & Finance

>>25031429
Change everything

>>25031429
>funds are safu

rest assured your money is safe

>>25031429
buy a trezor immediately.

In the meantime download the latest BTC core on a laptop you can keep offline and store your coins there until your trezor arrives.

Afterwards email trezor support and ask them to delete all your info and they will do it.

>>25031542
>closing the stable door after the horse has bolted

They are trying to make you click a link and download a fake ledger live and then have you type in your seed words. Automatic sync isn't a real thing. Just don't click or download or even open those mails

>>25031429
i'm looking at "recent activity"
and seeing a bunch of unsuccessful "Automatic Sync" attempts
i have Hotmail by the way.
anyone know what these "Automatic Sync" attempts are? Protocol: IMAP
how does someone go about "Automatic syncing"?

>>25031429
Someone is already trying to change my exchange passwords wtf ledger, thanks a lot you fucking assholes. Wtf do I do now?

>>25031429
fuck man
these fuckers are relentless

>>25031661
>not having a dedicated email account for exchanges
ngmi

>imagine ordering a fucking goystick

>>25031718
>not keeping your shitcoins on a kike run exchange where the kikes will treasure yours shitcoins as if it were their own
never trust goyim with money, including yourself

>>25031542
Trezor marketing team in full blast these past few weeks. Anyone noticed the shills started popping up around the black friday sale? Even though Trezor was offering like half the discount as Ledger.

>>25031542
Stfu retarded nigger they can't touch your crypto.

Can you sue them?

>>25031542
I'm a trezor owner and what you said is retarded, no keys were leaked, the wallet is already offline, all the jeet scammers have is a database of phones and emails belonging to people who bought a trezor, the most sophisticated thing they can do is send an email pretending to be ledger asking to download fake ledger app that leaks your seed, but you have to actively fall for it.

>>25031986
It's smart if I have a secert domain and use it for every exchange?
Ex:
binance@ ABC.com
paypal@ ABC.com
whatever@ ABC.com

and then forward these emails to a gmail client? or there is a great vulnerability in the gmail account? It's for a friend!

I keep all my money on coinbase and have never lost a single sat

Right now every email I get that has something about Ledger or crypto goes instantly to the trash.

>>25031429
>Been using the same email since I was 12
>Email address gets leaked on Ledger
>The two crypto phishing emails I received were swallowed up in the hundreds of dating site and casino phishing emails I already get from all the shady porn and survey sites I signed up on as a retarded kid

>>25031429
lol, your funds are safe (but we kind of gave every criminal in the world your name, home address & phone number... oops. you just need to resist the temptation to give up your seedphrase when you are having your toes cut off with wire cutters by tyrone and your money is safe)

>>25031542
>Afterwards email trezor support and ask them to delete all your info and they will do it.
why should I trust them? Why can't ledger do the same?

>>25031429
Why the fuck do people trust these tiny companies to properly make a piece of hardware that is meant to basically act as a bank?

How is this better than an app on an iPhone?

I wonder if the same anons who make this threads like this also switched their credit score provider after equifax leaked everyones' information..?

>>25032871
based

>>25032871
Never lost it because you never owned it

>>25032496
If you live in a 1st world country, yes. If you live in a shithole, no. There are many criminals that will be interested in such info. If a man buys Ledger for $100, he probably owns at least $1000 in crypto, There are countries where you may be killed for that sum. Also, they can lurk leaked exchange databases by email and estimate how much money a person has got.

>>25033362
i mean, the hardware is unaffected
and the point of hardware wallets is that the private key is never exposed to a device that is connected to the internet

>>25033123
Same but because my email got leaked more than 10 times including by Dailymotion..
I didn't realize I got spam from Ledger until I checked my spam folder.

>>25031718
What do they need to change a password?
Can they do it if the 2FA is activated?
I didn't get any attempt outside of some spam until now.

>>25033558
they need access to your email at least.

>>25033558
forgot password
if they see you can recover with phone number
then they'll try to sim swap you

>>25033558
My email is tied to my google account. If they managed to break in to that I would be majorly fucked. I hope these ledger frogs get sued to fucking oblivion.

>>25033793
How can they sim swap you? Fuck I better scrub my google account now of any sensitive info.

>>25033793
which is why sim based 2fa is retarded but totp is the way.

>>25033824
The worse in this is that I don't think we can trust their ledger hardware to be safe when they displayed such incompetence as a security company.
What if there was a hidden backdoor that could be accessed when you connect it through usb to your computer and they also stole the source code to use it?

Why the fuck do they save that info? Is there an option to buy hardware wallet without vendor saving your private info? I can buy one from a reseller in a shop and pay with cash but I don't trust them.

>>25031429
these mofos are reall trying to brute force into my account i think
they're trying every hour so far
hopefully by "reporting" each IP they used
that'll slow them down a bit

>>25031429
im gonna have to monitor all my accounts activities for the next week or so
fucking scary shit man

>>25034112
I don't remember them asking me if I wanted them to keep my data for such a long time or to create an account for this.
It seems they didn't follow the proper rules to protect data and limit its duration...

From the CNIL french data protection organism:
>What risk in the event of non-compliance with the principle of limitation of the duration?
>In the event of non-compliance with the principle of limited data retention, article 83.5 of the GDPR provides for an administrative fine of up to 20,000,000 euros or, in the case of a company, up to 4% of the total worldwide annual turnover of the previous financial year Note: during a posteriori checks carried out by the CNIL, the retention periods for personal data are verified. Among the most frequent breaches observed are: the lack of definition of a data retention period (for example: no policy has been defined and the data is never erased), the periods are excessive (for example: old database kept as is in the organization's information system), the absence of a purge mechanism (for example: the data is deleted manually at varying intervals).

>>25034190
>>25031718
>>25031661
hahhahaahaahahahahahahaha

>>25031429
Sucks bro. I got mine off Amazon, and I don't see it appearing on the leak.
Was originally worried about getting it from Amazon, but hey, looks like it was the safer bet after all.

>>25034190
If they are trying to brute force your account they probably already spoofed you phone number

>>25034190
Do you have an offline recovery password list for your account?
This could be useful to recover it if something happens to it.

See pic - that's me, under a pile of 5 yr old paper wallets, watching zoomers cry after storing crypto in Chinese hardware linked to a personal email then losing it all

>>25034331
What makes you think Ledgers are safe to use when they can't protect a basic database?

>on the email list but not the address list
Changed my exchange email logins anyway just in case

>>25031429
>live in southamerican shithole
>no direct shipping because third world
>had to use a courier service in miami
>used an email I specifically created to crypto
>I'm on the list as a resident of Miami
Yeah I'm thinking comfy

>>25034415
Oh I plan on gettin an NGRAVE the moment they're released.

>>25034491
Looks interesting but I don't understand how it can be used to generate a transaction offline without a connection through wifi/bluetooth/usb.
How does it work?
It generates a QR code and you have to scan this with a smartphone?
Does it use the biometric data to protect the access too or only to generate the code?
I don't want someone to cut off my fingers to use it...

>>25031429
Imagine using anything other than an old computer for offline wallet... get screwed.

>Google and every app/device harvests your data daily
>sells indiscriminately to whoever will buy
>1000s of times a day
this is the point of a paper wallet or seed phrase. To have the key piece of info not on the internet.

Alright bros, just got home from work.

What legitimate steps should I take from here? I'm considering making a new email, not using real name, and switching all exchange accounts to that email. I will also go and have my phone # changed. Should I abandon the affected email? Or am I alright to keep using it for school and shit?

Has anyone here tried emailing the hack victims, just to see how they are? I'm worried about some of them...

>>25034797
You'll be fine probably but you will get harassed from scammers and phishing emails for years to come, specially if crypto keeps growing.
I'd change it, at least for all crypto stuff like exchanges and so.

>>25031429
>>25031542
>>25031661
>>25031718
>>25031933
Heres a pro tip make sure the 2 factor authentication on your email address isn't using your phone number, if your phone number was leaked.

>>25034824
I got leaked, but haven't had any emails yet. I live 11 floors up and there is security in the lobby so meh.

>>25031515
>I fly to wuhan, eat tasty bat soup.

>>25034824
That's a good way to be reported as a scammer...
Imagine making it legitimately without pump and dumps and going to prison because you asked a pajeet if he was alright.

>>25031515
It's simple we kill the cia

Anyone who understand how bitcoin works knows a ledger is waste of money. Guess you guys are just fucking retarded newfags, who could've guessed

>>25034797
Activate the whitelist on your exchange accounts.
You will get an email notification if someone tried to withdraw your funds and it will block a new address for 24 hours.

>>25031542
https://blog.kraken.com/post/3662/kraken-identifies-critical-flaw-in-trezor-hardware-wallets/

>>25034824
you know you can just call them, anon. much nicer

>>25034735
>>25034997
This and only this
All the newfag listen to them.

>>25032871
>>25033392
that's exactly how mt.gox users felt, until they didn't

>>25031429
should we have one email for each exchange
or ok with just one email for all exchanges?

>>25031429
It's funny because the ledgerfags and other hwfags were always so smug about telling people to "just get a ledger bro" or "if you have any money in crypto you need hw bro" but anyone with some critical thinking abilities should have been able to see that you just have a different (and notably not empty or even much smaller) set of risks with this approach

>>25035144
>digits of doom
Oh fuck the chinks got in with their 3+1s, didn't they?

>>25035035
This can also be used in cars using a STM chip.
It's using the same security and configuration systems.

>>25034899
Weird, my name is not appearing on the leaked order text.

I got caught up in the leak...got a new phone number and killed my email. Oh no I won’t get any more spam

Has anyone actually succesfully scammed anyone or gotten bitcoin from people from this shit yet?

>>25035525
The entire leak is on GitHub.. I thought I wasn’t compromised either until I looked at that list

>>25033390

I swear to god I saw this exact same comment in a thread yesterday.

This thread is botnet.

>>25035035

>have to have physical access to the device
>then take it apart with specialized tools
>then take the time to hack into it

Think I am fine bro. If someone gets access to the physical device they have access to putting a physical gun to my physical head.

>>25033228
>they're going to have to kill a pack of dogs and dodge 1000s of rounds for a chance at my doge
what a time to be alive

>>25031661
I have this happening too to an old Hotmail. Add 2fa so if they ever do brute force it the 2fa will stop them. You can delete the account if you want too.