Binance Founder CZ Warns: Ledger Discord Hack Targets Recovery Phrases

The post Binance Founder CZ Warns: Ledger Discord Hack Targets Recovery Phrases appeared first on Coinpedia Fintech News

The crypto world is once again on high alert as Ledger, the maker of popular crypto hardware wallets, has confirmed that its Discord server is back under control after a recent hacking attempt. On May 11, a hacker got access to a moderator’s account and used it to share scam links in the server, trying to trick users into giving up their wallet seed phrases.

What Happened? 

The attacker set up a fake story claiming there was a new security issue with Ledger and urged users to “verify” their recovery phrases through a phishing link. Clicking the link could have allowed the scammer to steal users’ funds. 

Some users even said they were muted or banned when trying to warn others, slowing Ledger’s response.

Discord Admin Hacked, Users Tricked

Just got this security warning.

Ledger's Discord admin account was hacked. The scammer falsely claimed a security flaw and urged users to enter their recovery phrases on a phishing site.

Lessons:
1. Never give up your private key recovery phrases no matter who is doing the…

— CZ BNB (@cz_binance) May 12, 2025

Highlighting the sensitivity of the issue, former Binance CEO Changpeng Zhao (CZ) raised concerns about a fresh phishing scam targeting Ledger users. This time, the attackers took over the admin account of Ledger’s official Discord server to spread a dangerous message.

According to CZ, the compromised Ledger Discord admin account was used to impersonate official staff. The scammer claimed that a major vulnerability had been discovered in Ledger wallets, putting users’ sensitive information at risk—including their secret recovery phrases.

Notably, the victims were directed to a fraudulent website where they were asked to re-enter their recovery phrases to “secure” their wallets. In reality, handing over this phrase gives full control of the wallet to the attacker, putting all funds at immediate risk.

How to be Safe?

In times of crisis, CZ reminded users of a golden rule in crypto: never share your seed or recovery phrase, no matter who asks or how urgent the message seems. Even if it looks official, it’s likely a scam. He stressed that social media and communication accounts remain the most vulnerable links in security chains, often becoming the easiest entry points for attackers.

Ledger’s Response 

Ledger has responded to CZ’s warning, clarifying that their Discord server itself wasn’t hacked. Instead, a contractor moderator’s account was briefly compromised, allowing a fake message with a scam link to be posted in one channel. The situation was resolved within an hour, permissions were locked down, the fake site was reported, and security was reinforced. Ledger emphasized that the phishing message wasn’t from their team and reminded users to never share their recovery phrases.