Ledger users face continuous thefts due to fake Chrome extension

The digital asset hardware wallet has been repeatedly attacked during the last few weeks.

The hardware crypto wallet aims to be one of the safest means to store digital assets; however, the latest incidents show that even it can be vulnerable.

Ledger, the digital asset hardware wallet manufacturer, was repeatedly attacked during the last few weeks. Users claim that a fake “Ledger Live” Google Chrome application is to blame.

The latest incident was spotted on Reddit a few days ago, when a user reported that over 14,000 Ripple (XRP) worth nearly $2.4k USD had been stolen from her Ledger Nano wallet. She added that she watched her XRP funds being transferred to another account that is currently holding over $2.5 million in XRP coins worth over $14.7 million USD.

The user writes that she only downloaded the Ledger app, which looked official and legitimate and even had over 70 positive reviews. According to her, the suspicious activity started when she downloaded the app:

Once you download the Chrome extension, it will ask for the version of Ledger you are using, followed by a screen prompting you to fill in your full set of keywords.

The woman, who also claims to be currently suffering from the coronavirus, said she thoroughly typed in all the keywords, but the app did not appear to work. In less than 10 minutes, her XRP account was emptied.

Ledger suffered from more attacks this month

The first warnings about the Ledger Live app being compromised started to appear at the beginning of March, when the Security Director of the MyCrypto platform discovered a malicious application stealing Ledger wallet recovery seed phrases, which allow hackers to gain access to the victim’s private cryptocurrency keys.

In his interview with the ZDNet portal, he said that the fraudulent extension tries to trick users into thinking that it is the Chrome version of the original Ledger Live app, which would allow users to check their balance or approve transactions through the Chrome browser.

Ledger reacted immediately: its support team issued phishing alerts about the fake Chrome extension, which attempts to steal users’ virtual assets by asking them to enter their 24-word recovery phrase to access their wallet.

Furthermore, the XRP forensic team confirmed last week that the same malicious app collected backup passphrases to empty users’ accounts. The team, which is working to prevent fraudulent activity on the XRP Ledger, said in a series of tweets that nearly 1.4 million Ripple coins have been stolen during the last month.

The malicious program, which imitates the official Ledger Live application, currently seems to have been removed from the Chrome web store. According to the report, the app might have been installed by nearly 120 users. It was also heavily advertised on Google Ads via the search phrase “Ledger Live”.

Phishing and various other kinds of scams, especially the coronavirus scam, have become a serious threat to the blockchain and cryptocurrency industries. The number of cryptocurrency-related scams is continuously growing, reaching over 37 thousand cases within the past year alone and making it the second most risky scam among North Americans.


Author
Milko Trajcevski
