U.S. seizes $600K in USDT after Ledger phishing theft
Connecticut prosecutors seized and forfeited more than $600,000 in USDT after a mailed phishing letter compromised a Ledger hardware wallet and led to a $234,000 theft.
The U.S. Attorney’s Office for the District of Connecticut recovered and forfeited more than $600,000 in USDT after a phishing letter led to the compromise of a Ledger hardware wallet and a loss of about $234,000.
According to the Department of Justice, a Connecticut resident received a physical letter in September 2025 that appeared to come from “Ledger Security & Compliance.” The letter instructed the recipient to perform a mandatory security check; following its directions allowed fraudsters to remove roughly $234,000 in cryptocurrency from the device.
FBI agents and state police traced the downstream transfers and identified approximately $600,000 in Tether (USDT). Prosecutors filed a civil forfeiture complaint alleging the funds are proceeds of wire fraud and money laundering and moved to seize those assets.
The complaint says the seized stablecoin was routed through accounts in patterns consistent with money-laundering activity. The forfeiture filing begins the legal process to remove the assets from the control of suspected fraudsters while prosecutors pursue their claims.
Letters used in recent campaigns have been crafted to mimic vendor stationery, include holograms and forged signatures, and carry QR codes that lead to phishing websites. A cybercrime consultant noted that a letter addressed to a recipient’s name and home address can increase trust and make victims more likely to follow instructions.
Hardware wallet makers have had customer contact data exposed in past incidents. Ledger experienced a 2020 e-commerce breach that exposed more than one million email addresses and a January 2026 incident at an e-commerce partner that revealed order data. Trezor faced a 2022 insider exploit at a mailing service and a later breach of a third-party support portal that affected roughly 66,000 users. Security analysts have linked those exposures to targeted phishing activity against device owners.
Law enforcement has increased efforts to trace and seize cryptocurrency tied to fraud. In recent months authorities pursued forfeiture in other cases, including funds linked to a romance pig butchering scam and a separate state seizure of about $1.5 million in Dogecoin, Pepe and Solana tokens. Investigators use public blockchain analysis, cooperation with exchanges and traditional financial records to follow illicit conversions of digital assets.
Ledger did not respond to a request for comment. The civil forfeiture complaint remains pending while prosecutors continue the investigation.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
