Tuesday , October 20 2020

Dodgy Google Chrome extension reportedly causes $16K crypto theft

TNW uses cookies to personalize content and ads to
make our site easier for you to use.
We do also share that information with third parties for
advertising & analytics.

Powered by

Blockchain, cryptocurrencies, and insider stories by TNW.

They lost 600 Zcash

A malicious Google Chrome extension reportedly cost one user around $16,000 worth of cryptocurrency.

A bogus extension called “Ledger Secure,” that passes itself off as a cryptocurrency wallet, is believed to be responsible for the loss, Decrypt reports. The app allegedly sends a user‘s seed phrase back to its creators. With the seed phrase, bad actors can access another individual’s cryptocurrency illegitimately.

In @hackedzec‘s case, 600ZEC were taken from his Ledger Nano by the extension author.

That’s around 2.3BTC /USD$16k – bigtime pain.@jeremyrwelch from @CasaHODL presented on precisely this risk at Baltic HoneyBadger 2019 in Riga – malign browser extensions.

What’s to learn?👇

— WizardofAus 🇦🇺⚡🌮 [Jan3🔑] (@BTCSchellingPt) January 2, 2020

It should be noted that French company Ledger is not affiliated to the “Ledger Secure” extension.

In a tweet following the phishing scam, Ledger warned that “Ledger Secure” is not a legitimate application. It urged users to report the extension to encourage Google to remove it.


A Chrome extension malware has been detected called “Ledger Secure”. This is NOT a legitimate Ledger application

DO NOT use it and contact us if you’ve installed it:https://t.co/bRaDjYHZbY

You can help by reporting the extension:https://t.co/oltHbtA8RR

— Ledger Support (@Ledger_Support) January 2, 2020

The affected Twitter user, now going by the handle “hackedzec”, claims the extension led to them losing 600 ZEC — about $16,000 at the time of writing.

The victim says they only entered their seed phrase into their computer once, about two years ago. They also say they photocopied their seed phrase using a WiFi-connected printer once as well. It’s difficult to say if these two instances were to blame. How the malicious extension got hold of their seed phrase is unclear.

The victim became aware of the shady extension after they reportedly found a file on their computer that linked to a Twitter account for the fake “Ledger Secure” extension. The Twitter account appears to pass itself off as a legitimate Ledger account.

It seems Google is still a bit hit-and-miss when it comes to removing illicit cryptocurrency apps from its Play Store and browser extensions.

This news comes in the same week that MetaMask was removed from — and swiftly reinstated to — Google’s Play Store after thinking it was a cryptocurrency mining app.

Published January 3, 2020 — 12:39 UTC

Thank you!

Copyright © 2006—2020.
All rights reserved.
Made with in Amsterdam.

This Article was first published on thenextweb.com

About IT News Ug

Check Also

‘Mysterious’ billionaire cashes in $127M worth of Gates-backed pharma stock

TNW uses cookies to personalize content and ads to make our site easier for you …

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.