US, WASHINGTON (ORDO NEWS) — Fake applications and extensions abound on the Net, and it is better to be sure of their legitimacy before entering your private keys. Unfortunately, this is exactly what just happened with a fake “Ledger Live” that allowed scammers to pocket 1.4 million XRPs.
Cybersecurity experts at xrplorer forensics said on Twitter they found a fake extension for the Chrome browser, which masquerades as the Ledger Live app.
The legitimate version of this application allows you to interact with the portfolios of the Ledger brand (the famous Nano S and X ).
Analysts say this rogue version of the Ledger Live extension collects user mnemonics , allowing hackers to divert funds for their own benefit.
This scam has already brought in 1.4 million XRPs – nearly $ 225,000 at the moment – to these authors. It still seems to be among the first results returned in Google Search .
As shown in the screenshot below, the compromised information is automatically sent to a Google Docs page , which is controlled by hackers.
Experts at xrplorer forensics are only interested in Ripple’s XRP token, but they do not exclude that other cryptocurrencies could have been also hijacked by this fraudulent extension.
Some of the stolen XRPs have already been removed from the victims’ wallets to the HitBTC exchange platform , which is now aware of the situation.
This sad affair is a good opportunity to remember that one must always be careful when downloading such software. It is imperative to recover them directly on the manufacturer’s site for hardwares wallets, or on the official page of the crypto project for hot wallets.
Contact us: [email protected]
The article is written and prepared by our foreign editors from different countries around the world – material edited and published by Ordo News staff in our US newsroom press.