An unknown attacker hacked into a moderator’s account and used a bot to share phishing links and steal user funds.

Hardware wallet provider Ledger has confirmed its Discord server is secure again after an attacker compromised a moderator’s account to post scam links on May 11 to trick users into revealing their seed phrases on a third-party website.

“One of our contracted moderators had their account compromised, which allowed a malicious bot to post scam links in one channel,” Ledger team member Quintin Boatwright wrote on the Ledger Discord server. 

“The issue was quickly contained: the compromised account was removed, the bot was deleted, the website was reported, and all relevant permissions were reviewed and secured.”

Some members in Ledger’s Discord channel claimed the attacker abused moderator privileges to ban and mute them as they tried to report the breach, possibly slowing Ledger’s reaction.

Boatwright said the security breach was an isolated incident and that Ledger has taken additional measures to strengthen its security on Discord, a chat platform many crypto projects use to share protocol developments and engage with their community. Using the compromised Ledger community manager account, the hacker told Ledger Discord members that there was a recently discovered vulnerability in the firm’s security systems and strongly urged all users to verify their recovery phrases with a scam link, according to several screenshots shared on X. 

Ledger users were asked to connect their wallets and follow on-screen instructions.It isn’t clear whether anyone was affected by the security breach. Cointelegraph has reached out to Ledger for comment