Twitter users found a fake extension for Google Chrome that steals the passphrase for password recovery. With its help, cyber criminals managed to steal more than 1.4 million coins XRP.
We don’t have figures from other currencies. Don’t EVER download tools for your hardware wallet from other places than the vendor directly. The screenshot shows a POST request from an extension. pic.twitter.com/ct4IreHeM4
— xrplorer forensics (@xrpforensics) March 24, 2020
The resolution called Ledger Live, which used the fraud, discovered at the beginning of March. It masquerades as a real tool from the Ledger of the same name, intended for users of wallets Ledger.
⚠ This is A malicious @Ledger extension is phishing for your wallet, secrets!
Extension ID: idnelecdpebmbpnmambnpcjogingdfco
121 users pic.twitter.com/JH6cZPz2vV
— harrydenley.eth ◊ (@sniko_) March 4, 2020
The scammers ask users to sync with the expansion of your wallet, typing in the seed-phrase. Subsequently, they use the data obtained to steal cryptocurrency.
As it became known today, only last month it abducted more than 200 thousand XRP. Twitter account xrplorer forensics also said that at the moment no data on other assets, so the damage could be much more.
It is noteworthy that the permission to advertise through Google. For data acquisition it uses Google Docs.
Earlier in YouTube found a fake account of the head Ripple brad Garlinghouse on whose behalf the crooks has announced the distribution of 50 million tokens, XRP in exchange for coins users.