Published On Dec 21, 2020
The Ledger hack is estimated to have affected around 300,000 people. You bought a hardware wallet to keep your crypto safe. phishing attacks, sim swaps, and extortion threats are now happening to those affected. Names, addresses, phone numbers, email addresses, what's known as personally identifiable information, has been leaked. And people aren't sure what to do. If you're on the list, what can you do to minimize the risks and maximize your security right now? Watch this 2 hour emergency livestream to learn.
2:48 We can't undo the data breach, what can we do to help people recover from the ledger leak?
4:26 What happened? What IS the ledger hack?
8:59 Is this a new leak? There was one a couple of months ago and I'm still getting spammed on SMS.
10:49 How do you know if you're in this leaked database?
15:03 I have downloaded the files from pastebin to check if I was affected by the leak. Is there a reason to think my computer might be compromised?
17:07 Ledger doesn't have your keys. The ledger hack does not affect the security of your keys.
18:45 If I do not receive an email from ledger within 24 hours of the breach, do I assume my data was not exposed?
19:31 Am I excluded from this hack cause I bought my Ledger from a distributor? Can this hack also happen to any other producer of hardware wallets i.e trezor or shift crypto?
24:35 If I've been affected, what should I do?
34:31 Big Risk #1: SIM swapping
50:08 Lockdown your primary email account
56:47 Changing from SMS 2FA to other forms of 2FA
1:00:10 Do I need to change my cellphone number?
1:07:29 Do I need to abandon emails associated with the ledger hack, even if they are rather hardened?
1:07:59 BIG Risk #2: Phishing attacks
1:19:57 Postal phishing
1:22:08 How to assess risks of physical attacks
1:23:13 SMALL Risk #1: Physical attacks
1:49:24 SMALL Risk #2: Ledger live update attack
1:53:04 Never ever ever do these things
1:54:18 What can I do to prevent my data from being exposed in the future? Countermeasures
- Taylor Monahan is the founder of MyCrypto. Over the years she's watched attackers become increasingly creative in their attempts to steal, hack, con, and brute-force crypto from unsuspecting people. https://www.mycrypto.com @MyCrypto or @tayvano_
- Jameson Lopp is the co-founder and CTO of Casa. He has worked on key management software for 6 years and focuses on building user friendly self custody solutions. @lopp on Twitter, contact forms at https://lopp.net
- Peter McCormack is a filmmaker and the founder of What Bitcoin Did, a highly successful podcast about cryptocurrency. https://twitter.com/petermccormack, https://www.whatbitcoindid.com
LINKS FROM THE SHOW
Website to see if you've been affected by the ledger hack: https://intelx.io/
How much of your data has already been breached (by other hacks): https://haveibeenpwned.com/
Jameson's History of Physical Attacks in Bitcoin: https://github.com/jlopp/physical-bitcoin-attacks
Jameson's Physical Home Defense Primer: https://aantonop.io/loppdefense
One option to get disposable email addresses: https://mailinator.com
One option to get disposable phone numbers: https://quackr.io/
One option for TOTP: https://authy.com/
One option for physical U2F: https://www.yubico.com/
Key Management & Hardware Wallets: https://youtu.be/bc3HQqCSl7A
Cryptocurrency Security Session: https://youtu.be/P7IuPA26GGc
Passwords and Authentication: https://youtu.be/m8jlnZuV1i4
COMMENT below and let us know what you think of the video. Post your follow-up questions there too!
SUBSCRIBE to this YouTube channel and select the bell 🔔 for notifications: https://www.youtube.com/channel/UCJWCJCWOxBYSi5DhCieLOLQ?sub_confirmation=1
JOIN this YouTube channel to become a YouTube Community Member and access custom emoji and other perks: https://www.youtube.com/channel/UCJWCJCWOxBYSi5DhCieLOLQ/join
LEARN from Andreas directly: https://aantonop.io/takeaworkshop. Andreas is the author of Mastering Bitcoin, Mastering Ethereum, and Mastering the Lightning Network (2021) and The Internet of Money Series books, which explain why bitcoin, ethereum, and open blockchains matter.
About aantonop: Andreas isn't promoting a company or an organization; he's paid by the community (people who support this work on Patreon & YouTube) and provides an unbiased look at open blockchain technologies, what they can do for our societies, and how to get involved (if you decide you want to). https://aantonop.io
You may already know that Andreas' mission is to educate as many people as possible about #Bitcoin and open blockchain technologies. Thank you for being part of this mission.
***Learn & Connect with Andreas***