‼️A threat actor is selling Windows desktop wallet sniffers targeting Trezor and Ledger hardware...

Summary

A threat actor is actively selling a Windows-based malware tool called "Ledger Windows Desktop Sniffer" designed to steal credentials from hardware wallet users. The malware terminates the legitimate Ledger process and replaces it with a fake application, includes Telegram notification capabilities for exfiltration, and targets Windows 10/11 systems. This represents a direct threat to cryptocurrency users relying on hardware wallets for asset security.

Indicators of Compromise

• malware — Ledger Windows Desktop Sniffer
• malware — Windows desktop wallet sniffer