Ledger Wallet Warns of Fake Google Chrome Extension Stealing Crypto

Published at: March 6, 2020

Major cryptocurrency hardware wallet supplier Ledger has warned its users about another phishing attack trying to steal their crypto — this one using a Google Chrome extension.

In a March 5 tweet, the French crypto company specified that there is a fake extension on Google Chrome browser that attempts to steal users’ crypto by asking them to enter their 24-word recovery phrase to access their wallet.

Ledger Live gets removed from the Chrome Web Store

The phishing attack was reported by Catalin Cimpanu, a cybersecurity reporter at business technology news website ZDNet on March 4. According to Cimpanu, the malicious Chrome extension was first discovered by Harry Denley, director of security at blockchain interface platform MyCrypto.

According to the report, the fake Chrome extension is called Ledger Live. It tries to mimic the real mobile and desktop application Ledger Live that allows Ledger wallet users to approve transactions by syncing their hardware wallet with a trusted device. As of press time, the fake Ledger Live extension had apparently been removed from the Chrome Web Store. According to the report, the phishing extension was downloaded at least 120 times before it was taken down.

Fake extension was advertised by Google Ads

As reported by ZDNet, the malicious extension was trying to mislead users into thinking that it represented the Chrome version of the original Ledger Live app, which would allow them to check balances and approve transactions via Chrome. Users were apparently offered to install the extension and connect their Ledger wallet to it by entering the wallet's seed phrase — a backup phrase or word seed used to get access to their wallets.

MyCrypto exec Denley, who first uncovered the phishing attack, reportedly ridiculed the malicious extension by claiming that it makes no sense to install and use such an extension with a hardware wallet that is meant to protect funds by storing cryptocurrency offline.

However, Denley still admitted that he would not be surprised if the fake extension has tricked people, adding that it’s a “big problem in the cryptocurrency area, to teach people their private keys/mnemonics should stay offline.” The malicious extension could apparently have misled some users, taking into account the fact that it was advertised by Google’s online advertising platform Google Ads, as reported by Denley.

Source: Twitter

In the warning announcement, Ledger emphasized that the platform would never ask its users for their recovery phrase, urging that to never share the 24-word seed phrase or enter it into any device connected to the Internet. This is, however, not the first time that Ledger users encountered a fake Chrome extension. As reported by Cointelegraph in early January, another malicious Chrome extension stole about $16,000 in privacy-focused cryptocurrency Zcash (ZEC).

Tags
Related Posts
Bitcoin in the Palm of Your Hand — Crypto Hardware Wallets Review
A hardware wallet may just be the safest way to store cryptocurrency for average users. Nowadays, many different devices are trying to tackle the challenges of secure crypto asset storage. In this article, Cointelegraph will review some of the most well-known hardware wallets and compare their features. The cryptocurrency wallets that will be covered in this article are Ledger’s Nano X and Nano S, SatoshiLabs’s Trezor One and Trezor Model T, ShapeShift’s KeepKey, and Coinkite’s Coldcard and Opendime. It is also important to point out that all the wallets tested in this article, other than the Ledger Nano S (which …
Bitcoin / March 26, 2020
Crypto Exchange Rokkex Incorporates Ledger Vault to Improve Security
French hardware wallet producer Ledger will provide its asset management system to Estonia-based crypto exchange Rokkex. Cybersecurity-focused exchange Built by Lithuanian cybersecurity and fintech professionals, Rokkex will integrate its trading platform with Ledger’s enterprise wallet management solution Ledger Vault to secure its crypto assets, according to a news release shared with Cointelegraph on Aug. 20. Lukas Krikstaponis, Rokkex’s co-founder and CEO, said that the platform has successfully tested Ledger’s technology on its platform to date. Demetrios Skalkotos, global head of Ledger Vault, explained: “Rokkex’s customers expect full transparency and protection from crypto hacks. [...] By leveraging Ledger Vault, Rokkex will …
Altcoin / Aug. 20, 2019
IOTA Foundation Launches Trinity, a New Software Wallet for IOTA tokens
The IOTA Foundation has launched the Trinity wallet, as the organization announced in a press release on July 2. The announcement advertises the Trinity wallet as an improve to both ease-of-use and security for users conducting transactions in IOTA, with the purported goal of appealing to both new and advanced users. Reportedly, the wallet’s beta version has seen 160,000 downloads and transactions worth over $1.8 billion of IOTA. Cybersecurity firms SixGen andAccessec audited the application in advance of release. As a software wallet, Trinity is designed for compatibility with Ledger’s hardware wallets, as Ledger has worked alongside the IOTA Foundation …
Altcoin / July 2, 2019
GateHub Releases PSA on Phishing Scam Targeting Its Ripple Wallet Users
Ripple (XRP) wallet and gateway-as-a-service provider GateHub has warned that there is a phishing scam campaign targeting its cryptocurrency wallet users, as per an announcement on June 13. According to the announcement, GateHub’s wallet users are being sent malicious emails from addresses that look like they are from GateHub: “@gatehub.com” and “@gatehub.net.” The emails instruct the users to transfer their funds to a “secure” wallet, which is owned by the attacker, because their private keys are allegedly compromised due to insufficient security precautions. GateHub notes that, in addition to the attack being an unaffiliated phishing attempt, the service provider never …
Altcoin / June 13, 2019
Ledger Discloses Five Reported Vulnerabilities in Two Models of Trezor Hardware Wallets
Major hardware wallets manufacturer Ledger has unveiled vulnerabilities in its direct competitor Trezor’s devices, according to a report published on Monday, March. 11. As of press time, Trezor was not immediately available to comment on Ledger’s findings. The study states that the vulnerabilities were found by Attack Lab, the company’s department that hacks into both its own and competitors’ devices to improve security. Ledger claims that it has repeatedly addressed Trezor about weaknesses in their Trezor One and Trezor T wallets, and has decided to make them public after the responsible disclosure period ended. The first issue is related to …
Blockchain / March 11, 2019