Wednesday, 25 March 2020

Fake Ledger Live Google Chrome Extension Stole 1.4M XRP

 


A fraudulent Google Chrome extension has allegedly stolen as much 1.4 million XRP from users this month alone.
In a series of tweets published on March 24, the research team “xrplorer forensics” claimed that fake Ledger Live extensions are being used to collect user backup passphrases:

''  They are advertised in Google searches and use Google Docs for collecting data. Accounts are being emptied and we have seen more than 200K XRP being stolen the past month alone.''


Revising this initial figure, xrplorer forensics later amended its estimate to “close to 1.4M.”

The fraudulent extension is still available on Google Store

 

 

According to the researchers, most of the stolen XRP appears to still be held in accounts, with a proportion cashed out via the crypto exchange HitBTC.
Sharing a screenshot of a post request from the alleged scam, xrplorer forensics warned the community against downloading tools for their hardware wallets from any developer other than the vendor directly — in this case, French crypto hardware wallet manufacturer, Ledger. 

No comments:

Post a Comment