- A fake Ledger Live Browser extension for Google Chrome is currently circulating, which uses the name of the hardware wallet manufacturer’s software to steal cryptocurrencies.
- In addition, a fake account under the name of the Ripple CEO, Brad Garlinghouse, is causing a stir on YouTube. The account is advertising a fake airdrop.
Ledger, the hardware wallet manufacturer, already reported in early March a fake Google Chrome plugin that hackers use to steal cryptocurrencies. However, the user xrplorer forensics was able to determine that the extension is still active and appears in some ads in the Google browser.
The fake plugin is called Ledger Live, like the original software, and uses phishing to steal recovery seeds, passwords and other user information. It was also discovered that the application tries to imitate the functions of the original Ledger wallet software.
Fake “Ledger Live” browser extension: 1.4 million XRP stolen
According to previous reports, the fake browser extension had been reported and was thought to have been removed from Google. However, following recent thefts of XRP tokens, the user xrplorer forensics claimed via his Twitter account:
Accounts are being emptied and we have seen more than 200K XRP being stolen the past month alone. We don’t have figures from other currencies. Don’t EVER download tools for your hardware wallet from other places than the vendor directly. The screenshot shows a POST request from an extension.
— xrplorer forensics (@xrpforensics) March 24, 2020
After further investigation, xrplorer forensics claimed that the initial number of 200,000 XRP was inaccurate. In fact, the counterfeit application succeeded in stealing 1.4 million XRP. The researcher found that most of the money remained in crypto addresses:
Most are still in accounts, what has been cashed out has been so through HitBTC.
The researcher said that so far they have not been able to determine the amount of funds that the application has stolen in other cryptocurrencies. Another Twitter user, Andy_SPQR, also reported the appearance of a fake YouTube account. According to the user, the fake account impersonates Ripple CEO Brad Garlinghouse. The fake account uses a video that advertises a fake airdrop that is part of its scam.
In contrast, as reported by CNF, XRPL Labs developer Wietse Wind confirmed yesterday the release of the beta version of the banking application XUMM. The app will allow its users to access the services of a traditional bank without the intervention of third parties. For example, they can hold fiat currencies (such as dollars and euros) as well as XRP, and keep contact information and a transaction log.