Ursprünglich erschienen auf: https://www.reddit.com/r/CryptoCurrency/comments/dn3k4i/ledger_nano_xs_securityvulnerability_warning_is_a/
I received the following email. I think it's a phishing attempt, and thought it might be useful for others to know. It appears to have a valid DKIM header, but for
support.ledger.com. Also, the way it offers a binary for download is seriously sketchy.
Subject: Security Vulnerability: Ledger Nano X and Ledger Nano S Date: Fri, 25 Oct 2019 20:06:35 +0000 (UTC) From: Ledger Support <email@example.com> To: Alex Coventry Legder SECURITY VULNERABILITY IMPORTANT: Ledger Nano S and Ledger Nano X SECURE RNG CHIP CRITICAL VULNERABILITY Inside Ledger hardware wallet, we use the Secure Element chip to generate and store the private keys for your crypto assets. Unfortunately, some chips, a limited number, were found to be defective by the external company commissioned by Ledger for the production. The problem identified concerns the lack of a correct source of entropy for use by the random number generator may lead to the generation of predictable sequences of numbers and therefore of private keys by malicious users. Ledger is actively working on the problem to replace all defective devices. Please check now if your device is defective with the Ledger SE tool. We apologize for the inconvenience. This mail was sent to you because your Ledger device could be faulty. Please download the Ledger SE Cecker tool below and check right now! Download Ledger SE