Invezz

Fake Chrome extension steals crypto from users, warns Ledger Wallet

Ali Raza
Mar 07, 2020, 03:49 AM
  • Ledger recently issued a warning about a fake Chrome extension that steals crypto users' funds.
  • The extension, called Ledger Live, masqueraded as a Chrome version of the real Ledger Live app, but it asked people for the recovery phrase for their wallets.
  • The app has since been removed by Google, but not before it was installed around 120 times.
Crypto wallet supplier Ledger recently issued a warning against phishing attacks that are stealing digital coins from unsuspecting investors. This time, the attackers are acting through a Google Chrome extension, as revealed by the French crypto company.
https://twitter.com/Ledger_Support/status/1235578552457687041?s=20
Ledger warned users via Twitter that a fake extension for the browser tries to steal their coins directly by asking them to enter the recovery phrase used to access their wallet. The attack was originally reported by Catalin Cimpanu, a cybersecurity reporter at the business technology news site ZDNet.
https://twitter.com/campuscodi/status/1235391330160787456?s=20
Cimpanu published the report on March 4th, only a day before Ledger helped spread the word via Twitter. According to the report, the extension was discovered by Harry Denley, director of security at the blockchain interface platform MyCrypto. The report also notes that the extension in question is called Ledger Live, as it attempts to mimic the real Ledger Live app, which Ledger wallet users need in order to approve transactions. At the time of writing, the Chrome Web Store had already removed the fake app, reacting rather quickly to the reports, but the app had already been downloaded around 120 times before the removal.

The extension was advertised by Google Ads

As mentioned, the extension tried to trick users into thinking that it was an official Chrome version of the real Ledger Live app that would allow them to approve transactions, check balances, and the like, all through the convenience of the Chrome browser. After users installed the extension, they were prompted to connect it to their Ledger wallet by entering the seed phrase, which is a backup phrase used for accessing the wallet. Denley noted that the existence of such an extension makes no sense, as the whole point of a hardware wallet is to keep it safe by keeping it away from the internet. This is the reason why hardware wallets are so safe in the first place, so anyone who understands the dangers of storing and managing their own money would likely have seen right through the fake app. However, he added that he would not be surprised if the extension did manage to trick a lot of people, as many who use crypto have yet to learn that private keys should stay offline. On top of that, the fake app was somehow advertised by Google Ads, which could have convinced some users that it was a legitimate app.
https://twitter.com/sniko_/status/1235350687048814592?s=20
As part of its warning, Ledger stressed that it would never ask for its users’ recovery phrase, and that any app that claims to have been created by the company and asks for it is fake.