InsideBitcoins.com

Hackers Targeting Chrome Extensions, Potentially Steals $2.5M

South Korean Upbit Users Targeted by Hackers

According to a Reddit post done earlier, it seems that a new fraudulent crypto wallet has begun to circulate. This scam, managing to disguise itself as a legitimate Google Chrome Extension, has potentially run out $2.5 million in XRP from various users, as the Reddit report claims.

Evidence Of Large Scale Crime

Through the Reddit post, made on the 28th of March, 20202, the Reddit user going by the name of “Leannekera,” who states that they were infected with COVID-19, wrote that they felt “embarrassed” after they were forced to watch their XRP be transferred from their own account to a new address, one that held $2.5 million in XRP.

Leannekera stated that this was “clearly” a massive operation because there was so much in the account.  Indeed, it seems they were right, as Ledger’s twitter account quickly issued out a warning on the 5th of March, 2020, about a fraudulent Chrome Extension. It’s entirely possible that these two are one and the same.

Preying On The Vulnerable

As of the 24th of March, 2020, XRPlorer Forensics had its researchers estimate that one such Ledger Extension scam has managed to make off with an impressive 1.4 million in XRP, which is worth about $235,775 at the time of writing. They managed to steal this amount of XRP in March alone.

Sad as it is, Leannekera stated that they had been sick and placed in quarantine. As their money was tight at the time, they decided to consolidate their respective forms of crypto in Bitcoin. With this, they believed they would be capable of recouping an impressive 20% of the total losses they and their husband had achieved due to this coronavirus crisis.

Wolves In Sheeps’ Clothing

They explained that they had remembered that Ledger had a Chrome Extension, which was the start of the scam. The malicious Extension is especially dangerous due to the sheer measures the hackers had taken to make it seem legitimate. As Leannekera explained, the Extension had the name of “Ledger Wallet” or “Ledger Live” in the chrome store.

The Extension claimed to be from Ledger.com, or otherwise Ledger Official, and had all the signs it needed to seem legitimate. It even had a slurry of 70 reviews, all giving it between 4 or 5 stars. These descriptions described the thing as a tad challenging to operate, but easy once you’ve figured it out.

After installation, Leannekera was prompted to enter their seed phrase, which allowed the hackers access to their private keys. In the span of 8 minutes, they managed to steal all of Leannekera’s XRP.

Top brokers for buying and trading cryptocurrencies

  • Platform
  • Features
  • Rating
  • Visit Site
  • US-Friendly
  • Paypal accepted
  • 12+ cryptocurrencies
4.5/5

Visit Site
75% of retail investors lose money.
eToro Reviews

    eToro Reviews

    https://insidebitcoins.com/visit/etoro-newsCreate your account
    Hide eToro Reviews
    • Best broker for non-US countries
    • Trade crypto CFDs, forex and stocks
    • No withdrawal or deposit fees
    4.5/5

    Visit Site
    80.5% of retail investors lose money.
    Plus500 Reviews

      Plus500 Reviews

      https://insidebitcoins.com/visit/plus500-newsCreate your account
      Hide Plus500 Reviews
      Remember, all trading carries risk. Past performance is no guarantee of future results.
      Avatar

      A journalist, with experience in web journalism and marketing. Ali holds a master's degree in finance and enjoys writing about cryptocurrencies and fintech. Ali’s work has been published on a number of cryptocurrency publications.