Cybercriminals continue to create and distribute fake Ledger Chrome extensions mimicking the original Ledger wallet app. These extensions haunt cryptocurrency holders by collecting the seed phrases, which are in turn used to empty the wallets of unsuspecting victims.
While this tactic no longer proves effective for crypto veterans, data shared on Tuesday by a Twitter user revealed that still many people are falling victim to fake Ledger chrome extensions.
We don’t have figures from other currencies. Don’t EVER download tools for your hardware wallet from other places than the vendor directly. The screenshot shows a POST request from an extension. pic.twitter.com/ct4IreHeM4
— xrplorer forensics (@xrpforensics) March 24, 2020
Per the data, these extensions which are advertised via Google Searches amassed as much as 1.4M XRP (appr. $222,460) in the last month alone, while the numbers could be way higher if the stolen sum in other cryptocurrencies were added.
The perpetrators using Google Docs to collect data, in a manner that users do not suspect.
As a precautionary measure, crypto holders using Ledger Wallet, one of the most secure hardware wallets are advised against downloading tools for sources other than the product vendor directly.
Although, cybercriminals will always continue to deploy more tools and strategies, learning how to properly secure one crypto-assets is arguably a core requirement for anyone seeking to be a part of the crypto revolution.
Meanwhile, in a similar update in June, Coinfomania reported a fake Ledger Wallet support number found on Google. Ledger subsequently confirmed that it doesn’t have a phone support number.