SOCRadar Dark Web Team detected threat actors distributing phishing tools that impersonate Ledger hardware wallet interfaces to allegedly steal crypto from unsuspecting users.

According to a Sept. 1 report, the cybercriminals advertise a “Ledger Wallet 2025 Smart Scampage Inferno Multichain” kit that replicates the official Ledger interface with professional design elements.

The malicious package features a redesigned 2025 UI inspired by Ledger’s authentic interface, anti-bot protection mechanisms, a responsive design for both desktop and mobile platforms, and seed phrase capture functionality that enables the theft of private keys.

Threat actors market the phishing kit through dark web channels, claiming the tool serves “educational purposes” while providing download links through anonymized file-sharing services.

The vendors invite direct messages for additional information, indicating organized distribution networks targeting Ledger users specifically.

Hack threat of phishing attacks

A recent incident demonstrated the financial impact of sophisticated phishing campaigns. On Sept. 2, a Venus Protocol user lost approximately $13 million after attackers used a malicious Zoom client to gain system privileges and trick the victim into approving fraudulent transactions.

The attackers exploited their access to manipulate the victim into submitting a transaction that designated the attacker as a valid Venus delegate, allowing them to borrow and redeem funds on the victim’s behalf.

Go to Source to See Full Article
Author: Gino Matos