Fake Ledger Chrome Extension Crypto Scam May Have Stolen Up to $2.5M

A fraudulent cryptocurrency wallet masquerading as legitimate Google Chrome extensions may be responsible for a scam operation that may have claimed as much as $2.5 million in XRP, according to a report from a Reddit user who claims to have lost roughly $2,500 in XRP to the scam extension over the weekend.

In the post, which was made on March 28, Reddit user ‘Leannekera,’ who also claims to be infected with the coronavirus, wrote that she felt “so embarrassed” after she “watched our xrp transfer from our account to an account that is currently holding over $2.5 million in xrp.”

“This is clearly a large operation,” she wrote.

And indeed, this may be the case--Ledger’s Twitter account warned users of fraudulent Chrome Extensions on March 5.

🚨PHISHING ALERT🚨

A fake Chrome extension has been found, asking to enter your 24 word recover phrase

⚠️NEVER share your 24 words
⚠️NEVER enter your 24 words into any internet-connected device
⚠️Ledger will NEVER ask for your 24 words

Read more: https://t.co/QNoSwptn3U https://t.co/QZKMmT6TMf

— Ledger Support (@Ledger_Support) March 5, 2020

As of March 24, researchers at xrplorer forensics estimated that one such fraudulent Ledger extension had made off with 1.4 million XRP (worth $235,775 at press time) in March alone.

Fake “Ledger Live” chrome extensions are used to collect user backup passphrases. They are advertised in Google searches and use Google Docs for collecting data. Accounts are being emptied and we have seen more than 200K XRP being stolen the past month alone.@Ledger @Google

— XRP Forensics (xrplorer.com) (@xrpforensics) March 24, 2020

Leannekera’s story

Leannekera said that sick, and in the isolation of quarantine, she made the decision to consolidate her Cryptocurrencies Cryptocurrencies By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw Read this Term into Bitcoin Bitcoin While some may still be wondering what is Bitcoin, who created Bitcoin, or how does Bitcoin work, one thing is certain: Bitcoin has changed the world.No one can remain indifferent to this revolutionary, decentralized, digital asset nor to its blockchain technology.In fact, we’ve gone a long way ever since a Florida resident Laszlo Hanyecz made BTC’s first official commercial transaction with a real company by trading 10,000 Bitcoins for 2 pizzas at his local Papa John’s.One could now argue that While some may still be wondering what is Bitcoin, who created Bitcoin, or how does Bitcoin work, one thing is certain: Bitcoin has changed the world.No one can remain indifferent to this revolutionary, decentralized, digital asset nor to its blockchain technology.In fact, we’ve gone a long way ever since a Florida resident Laszlo Hanyecz made BTC’s first official commercial transaction with a real company by trading 10,000 Bitcoins for 2 pizzas at his local Papa John’s.One could now argue that Read this Term as “money is tight,” and she believed that the consolidation would “recoup around 20%” of her and her husband’s losses.

“I recalled the Ledger having a Chrome extension and this is when the scam starts,” she wrote.

The scam was particularly malicious because of steps that hackers may have taken to make it appear to be legitimate: “the only ledger extension on the Chrome store is one by the name of ‘Ledger Wallet’ or ‘Ledger Live,’” she wrote.

“It claims to be from Ledger.com ® or Ledger Official ® and for all intents and purposes looks legitimate. It even had over 70 positive 4-5 star reviews, ranging from ‘Its a little difficult to operate’ to ‘once I understood what to do it was easy.’”

However, the extension then prompted her to enter her wallets’ proprietary seed phrase, which allowed the hackers to take ownership of its private keys and send the XRP to their own wallet.

“The entire process took less than 8 minutes,” she said.

While the exact Chrome Extension she allegedly used is no longer online, Leannekera said that she had “seen it re-uploaded this morning” at the time of the post. Both of the links that she supplied to the alleged scam wallets were dead ends, seeming to indicate that they had been removed from the Chrome Web Store.

However, searching the web store revealed that there is a Ledger Wallet extension still live on the platform, and there are a number of reviews that say that it is a scam. Finance Magnates reached out to Ledger to confirm whether or not the app is associated with the company, but did not immediately hear back. This article will be updated when a response is received.

Unfortunately, fraudulent Chrome Extensions are nothing new to the world of cryptocurrency. In May of last year, a fake Chrome extension targeting Trezor users was discovered by ESET antivirus researchers.