Ledger raises $380 million for its crypto hardware wallet

French startup Ledger has raised a $380 million Series C funding round led by 10T Holdings. Following today’s funding round, the company has reached a valuation of $1.5 billion.

Other investors in the funding round include existing investors Cathay Innovation, Draper Associates, Draper Dragon, Draper Esprit, DCG, Korelya Capital and Wicklow Capital. Some new investors are joining the round, such as Tekne Capital, Uphold Ventures, Felix Capital, Inherent, Financière Agache and iAngels Technologies.

Ledger’s main product is a hardware wallet to manage your crypto assets. They are shaped like USB keys and feature a tiny screen to confirm transactions on the device. The reason why that screen is important is that your private keys never leave your Ledger device.

In other words, if you want to store large amount of cryptocurrencies, you don’t want to leave them on an exchange account. If someone manages to sign in, they could withdraw all your crypto assets. With a hardware wallet, you remain in control of your crypto assets.

The company first launched the Ledger Nano S. You have to connect the device to a computer using a USB cable. More recently, with the Ledger Nano X, you can send and receive assets from your phone as the Nano X works over Bluetooth. Ledger also provides an enterprise solution for companies that want to add cryptocurrencies to their balance sheet.

Overall, Ledger has sold over 3 million hardware wallets. Every month, 1.5 million people use Ledger Live, the company’s software solution to manage your crypto assets. The company even says that it currently secures around 15% of all cryptocurrency assets globally.

It hasn’t been a smooth ride as the company has been around for seven years. After the crypto boom of 2018, interests for hardware wallets faded away. Moreover, as the company secures expensive assets, it has also suffered from a serious data breach — 272,000 customers have been affected.

With today’s funding round, the company plans to launch new products, add more DeFi features to Ledger Live and support the growth of the crypto ecosystem in general.

Are we overestimating the ransomware threat?

On Monday afternoon, the U.S. Justice Department said it has seized much of the cryptocurrency ransom that  U.S. pipeline operator Colonial Pipeline paid last month to a Russian hacking collective called DarkSide by tracking the payment as it moved through different accounts belonging to the hacking group and finally breaking into one of those accounts with the blessing of a federal judge.

It’s a feel-good twist to a saga that began with a cyberattack on Colonial and resulted in a fuel shortage made worse by the panic-purchasing of gasoline last month after the company shut down one of its major pipelines (and later suffered a second pipeline shutdown owing to what it described as an overworked internal server). But Christopher Alhberg, a successful serial entrepreneur and the founder of Recorded Future, a security intelligence company that tracks threats to the government and corporations and runs its own media arm, suggests that Americans have overestimated DarkSide all along. He explained a lot about the way its operations work last week in an interview that you can hear here. Shorter excerpts from that conversation follow, edited lightly for length.

TC: Broadly, how does your tech work?

CA: What we do is try to index the internet. We try to get in the way of data from everything that’s written on the internet, down to the electrons moving, and we try and index that in a way that it can be used for for people who are defending companies and defending organizations. . .  We try to get into the heads of the bad guys, get to the where the bad guys hang out, and understand that side of the equation. We try to understand what happens on the networks where the bad guys operate, where they execute their stuff, where they basically transmit data, where they run the illicit infrastructure — all of those things. And we also try to get in the way of the traces that the bad guys leave behind, which could be in all kinds of different interesting places.

TC: Who are your customers?

CA: We have about 1,000 of them in total, and they range from the Department of Defense to some of the largest companies in the world. Probably a third of our business is [with the] government, one third of our businesses are in the financial sector, then the rest [comprise] a whole set of verticals, including transportation, which has been big.

TC: You’re helping them predict attacks or understand what happened in cases where it’s too late?

CA: It can go both ways.

TC: What are some of the clues that inform your work?

CA: One is understanding the adversary, the bad guys, and they largely fall in two buckets: You’ve got cyber criminals, and you’ve got adversary intelligence agencies.

The criminals over the last month or two here that the world and us, too, have been focused on are these ransomware gangs. So these are Russian gangs, and when you hear ‘gang,’ people tend to think about large groups of people [but] it’s typically a guy or two or three. So I wouldn’t over estimate the size of these gangs.

[On the other hand] intelligence agencies can be very both well-equipped and [involve] large sets of people. So one piece is about tracking them. Another piece is about tracking the networks that they operate on . . Finally, [our work involves] understanding the targets, where we get data on the potential targets of a cyber attack without having access to the actual systems on premises, then tying the three buckets together in an automated fashion.

TC: Do you see a lot of cross pollination between intelligence agencies and some of these Russian cutouts?

CA: The short answer is these groups are not, in our view, being tasked on a daily or monthly or maybe even yearly basis by Russian intelligence. But in a series of countries around the world — Russia, Iran, North Korea is a little bit different, to some degree in China — what we’ve seen is that government has encouraged a growing hacker population that’s been able, in an unchecked way, to be able to pursue their interest — in Russia, largely — in cyber crime. Then over time, you see intelligence agencies in Russia — FSB, SVR and GRU —  being able to poach people out of these groups or actually task them. You can find in official documents how these guys have mixed and matched over a long period of time.

TC: What did you think when DarkSide came out soon after the cyberattack and said it could no longer access its Bitcoin or payment server and that it was shutting down?

CA: If you did this hack, you probably had zero idea what Colonial Pipeline actually was when you did it. You’re like, ‘Oh, shit, I’m all over the American newspapers.’ And there are probably a couple of phone calls starting to happen in Russia, where basically, again, ‘What the hell did you just do? How are you going to try to cover that up?’

One of the simplest first things you’re going to do is to basically say either, ‘It wasn’t me’ or you’re going to try to say, ‘We lost the money; we lost access to our servers.’ So I think that was probably fake that whole thing [and that] what they were doing was just to try to cover their tracks, [given that] we found them later come back and try to do other things. I think we overestimated the ability of the U.S. government to come rapidly right back at these guys. That will just not happen that fast, though this is pure conjuring. I’m not saying that with access to any inside government information or anything of the sort.

TC: I was just reading that DarkSide operates like a franchise where individual hackers can come and receive software and use it like a turnkey process. Is that new and does that mean that it opens up hacking to a much broader pool of people?

CA:  That’s right. One of the beauties of the Russian hacker underground is in its distributed nature. I’m saying ‘beauty’ with a little bit of sarcasm, but some people will write the actual ransomware. Some will use the services that these guys provide and then be the guys who might do the hacking to get into the systems. Some other guys might be the ones who operate the Bitcoin transactions through the Bitcoin tumbling that gets needed . . . One of the interesting points is that to get the cash out in the end game, these guys need to go through one of these exchanges that ended up being more civilized businesses, and there might be money mules involved, and there are people who run the money mules. A lot of these guys do credit card fraud; there’s a whole set of services there, too, including testing if a card is alive and being able to figure out how you get money out of it. There are probably 10, 15, maybe  20 different types of services involved in this. And they’re all very highly specialized, which is very much why these guys have been able to be so successful and also why it’s hard to go at it.

TC: Do they share the spoils and if so, how?

CA: They do. These guys run pretty effective systems here. Obviously, Bitcoin has been an incredible enabler in this because there is a way to do payments [but] these guys have whole systems for ranking and rating of themselves much like an eBay seller. There’s a whole set of these underground forums that have historically has been the places that these guys have been operating and they’ll including include services there for being able to say that somebody is a scammer [meaning in relation to the] thieves who are among the cyber criminals. It’s much like the internet. Why does the internet work so well? Because it’s super distributed.

TC: What’s your advice to those who aren’t your customers but want to defend themselves?

CA: A colleague produced a pie chart to show what industries are being hit by ransomware and what’s amazing is that it was just super distributed across 20 different industries. With Colonial Pipeline, a lot of people were like, ‘Oh, they’re coming from the oil.’ But these guys could care less. They just want to find the slowest moving target. So make sure you’re not the easiest target.

The good news is that there are plenty of companies out there doing the basics and making sure that your systems are patched [but also] hit that damn update button. Get as much of your stuff off the internet so that it’s not facing out. Keep as little surface area as you can to the outside world. Use good passwords, use multiple two-factor authentication on everything and anything that you can get your hands on.

There’s a checklist of 10 things that you’ve got to do in order to not be that easy target. Now, for some of these guys — the really sophisticated gangs — that’s not enough. You’ve got to do more work, but the basics will make a big difference here.

In search of a new crypto deity

Hello friends, and welcome back to Week in Review!

Last week, I wrote about tech taking on Disney. This week, I’m talking about the search for a new crypto messiah.

If you’re reading this on the TechCrunch site, you can get this in your inbox from the newsletter page, and follow my tweets @lucasmtny.

The Big Thing

Elon has worn out his welcome among the crypto illuminati, and the acolytes of Bitcoin are searching out a new emperor god king.

This weekend, thousands of crypto acolytes and investors have descended on a Bitcoin-themed conference in Miami, a very real, very heavily-produced conference sporting crypto celebrities and actual celebrities all on a mission to make waves.

Even though I am not at the conference in person (panels from its main stage were live-streamed online), I have plenty of invites in my email for afterparties featuring celebrities, open bars and endless conversations on the perils of fiat. The cryptocurrency community has never been larger or richer thanks to its most fervent bull run yet, and despite a pretty noteworthy correction in the past few weeks, people believe the best is yet to come.

Despite having so much, what they still seem to be lacking is a patron saint.

For the longest bout, that was SpaceX and Tesla CEO Elon Musk who bolstered the currency by pushing Tesla to invest cash on its balance sheet into bitcoin, while also pushing for Tesla to accept bitcoin payments for its vehicles. As I’ve noted in this newsletter in the past, Musk had a tough time reconciling the sheer energy use of bitcoin’s global network with his eco warrior bravado which has seemed to lead to his mild and uneven excommunication (though I’m sure he’s welcome back at any time).

There are plenty of celebrities looking to fill his shoes — a recent endorsement gone wrong by Soulja Boy was one of the more comical instances.

Crypto has been no stranger to grift — of that even the most hardcore crypto grifters can likely agree — and I think there’s been some agreement that the only leader who can truly preach the gospel is someone who is already so rich they don’t even need more money. It’s one reason the community has offered up so much respect for Ethereum founder Vitalik Buterin who truly doesn’t seem to care too much about getting any wealthier — he donated about $1 billion worth of crypto to Covid relief efforts in India. A Musk-like cheerleader serves a different purpose though, and so the community is in search of a Good Billionaire.

The best runner-up at the moment appears to be one Jack Dorsey, and while — like Musk — he is also another double-CEO, he is quite a bit different from him in demeanor and desire for the spotlight. He was, however, a headline speaker at Miami’s Bitcoin conference.

Dorsey gathers the most headlines for his work at Twitter but it’s Square where he is pushing most of his crypto enthusiasm. Users can already use Square’s Cash App to buy Bitcoin. Minutes before going onstage Friday, Dorsey tweeted out a thread detailing that Square was interested in building its own hardware wallet that users could store cryptocurrency like bitcoin on outside of the confines of an exchange.

“Bitcoin changes absolutely everything,” Dorsey said onstage. “I don’t think there is anything more important in my lifetime to work on.”

And while the billionaire Dorsey seems like a good choice on paper — he tweets about bitcoin often, but only good tweets. He defends its environmental effects. He shows up to House misinformation hearings with a bitcoin tracker clearly visible in the background. He is also unfortunately the CEO of Twitter, a company that’s desire to reign in its more troublesome users — including one very troublesome user — has caused a rift between him and the crypto community’s very vocal libertarian sect.

Dorsey didn’t make it very far into his speech before a heckler made a scene calling him a hypocrite because of all this with a few others piping in, but like any good potential crypto king would know to do, he just waited quietly for the noise to die down.

(Photo by BRENDAN SMIALOWSKI/AFP via Getty Images)

Other things 

Here are the TechCrunch news stories that especially caught my eye this week:

Facebook’s Trump ban will last at least 2 years
In response to the Facebook Oversight Board’s recommendations that the company offer more specificity around its ban of former President Trump, the company announced Friday that it will be banning Trump from its platforms through January 2023 at least, though the company has basically given itself the ability to extend that deadline if it so desires…

Nigeria suspends Twitter
Nigeria is shutting down access to Twitter inside the country with a government official citing the “use of the platform for activities that are capable of undermining Nigeria’s corporate existence.” Twitter called the shutdown “deeply concerning.”

Stack Overflow gets acquired for $1.8 billion
Stack Overflow, one of the most-visited sites of developers across the technology industry, was acquired by Prosus. The heavy hitter investment firm is best known for owning a huge chunk of Tencent. Stack Overflow’s founders say the site will continue to operate independently under the new management.

Spotify ups its personalization
Music service Spotify launched a dedicated section this week called Only You which aims to capture some of the personalization it has been serving up in its annual Spotify Wrapped review. Highlights of the new feature include blended playlists with friends and mid-year reviews.

Supreme Court limits US hacking law in landmark case
Justices from the conservative and liberal wings joined together in a landmark ruling that put limits on what kind of conduct can be prosecuted under the controversial Computer Fraud and Abuse Act.

This one email explains Apple
Here’s a fun one, the email exchange that birthed the App Store between the late Steve Jobs and SVP of Software Engineering, Bertrand Serlet as annotated by my boss Matthew Panzarino.

illustration of money raining down

Image Credits: Bryce Durbin / TechCrunch

Extra things

Some of my favorite reads from our Extra Crunch subscription service this week:

For SaaS startups, differentiation is an iterative process
“The more you know about your target customers’ pain points with current solutions, the easier it will be to stand out. Take every opportunity to learn about the people you are aiming to serve, and which problems they want to solve the most. Analyst reports about specific sectors may be useful, but there is no better source of information than the people who, hopefully, will pay to use your solution..”

3 lessons we learned after raising $6 million from 50 investors
“…being pre-product at the time, we had to lean on our experience and our vision to drive conviction and urgency among investors. Unfortunately, it just wasn’t enough. Investors either felt that our experience was a bad fit for the space we were entering (productivity/scheduling) or that our vision wasn’t compelling enough to merit investment on the terms we wanted.

The existential cost of decelerated growth
“Just because a technology startup has a hot start, that doesn’t mean it will grow quickly forever. Most will wind up somewhere in the middle — or worse. Put simply, there is a larger number of tech companies that do fine or a little bit worse after they reach scale.”


Again, if you’re reading this on the TechCrunch site, you can get this in your inbox from the newsletter page, and follow my tweets @lucasmtny.