Fake Chrome extension allegedly stole 1.4M XRP

on Mar 25, 2020
  • Another XRP scam was recently revealed and reported by a Twitter user known as 'xrplorer forensics.'
  • The scam features a fake Ledger extension for Chrome, called Ledger Live, which collects users' passphrases and empties their wallets.
  • So far, scammers managed to steal as much as 1.4 million XRP coins from users who installed the fake add-on.

Follow Invezz on Telegram, Twitter, and Google News for instant updates >

Cryptocurrency scams that result in massive thefts are nothing new in the crypto industry. However, most of the scammers tend to go for Bitcoin, as it is the most expensive, or some other coin of high value.

Are you looking for signals & alerts from pro-traders? Sign-up to Invezz Signals™ for FREE. Takes 2 mins.

Recently, however, online fraudsters started targeting XRP users, most likely because Bitcoin scams became difficult to successfully pull off. Whether or not this is actually the reason behind the change, experts are reporting large quantities of XRP that scammers are stealing with a new fake Chrome extension, called Ledger Live.

How does the fake Ledger Live extension work?

Copy link to section

Ledger Live is a fraudulent extension that uses the name of a famous Ledger wallet. Many are familiar with the Ledger wallet, as it is one of the most popular hardware wallets in the industry. It is an online wallet that doesn’t have constant access to the internet, precisely for the purpose of keeping the users’ coins safe.

With that in mind, having an online browser extension does not make much sense, but many have still fallen victim to the scam while seeking a handy way to manage their coins.

According to reports, the fake extension collects the users’ backup passphrases and then uses them to steal the coins. It was reported by a Twitter user called xrplorer forensics (@xrpforensics), who revealed it in a series of tweets.

Furthermore, the user also reported that the fake extension also managed to trick Google itself, as it appears to be advertised in Google searches. It collects the data via Google Docs, and those behind it managed to steal over 200,000 XRP tokens in the past month alone, as the report says.

Later on, the xrplorer forensics provided a more accurate report, noting that the real figure is much higher — around 1.4 million coins. He added that the majority of the stolen coins are still in accounts, but the ones that were cashed out were taken to HitBTC.

Scams against XRP users on the rise

Copy link to section

xrplorer forensics also provided advice for every Ledger user: “Don’t EVER download tools for your hardware wallet from other places than the vendor directly. The screenshot shows a POST request from an extension.”

This is far from the first time that scammers have targeted XRP and its community, but the trend does seem to be on the rise. Previously, scammers used a fake RIpple Insights page to promise fake giveaways and airdrops. Also, XRP within Ledger wallets was also targeted and compromised nearly a year ago, in June 2019.

Finally, there was also a fake Brad Garlinghouse account on YouTube, that promoted another XRP airdrop scam.