Ledger users, beware. There are some bad actors operating right now looking to seize your backup seeds. If you see an ad on a Google search for a Ledger Live Chrome extension – avoid it like the plague. According to xrplorer forensics, around 1.4MN XRP has already been stolen so far–but all coins are at risk.
XRP Users Hit Hardest by Fake Extension
Yesterday, xrplorer forensics put out a warning tweet telling its followers that more than 200k XRP had been stolen in the past month. This is due to fake “Ledger Live” Chrome extensions that are stealing its victims’ backup phrases to get its hands on their cryptocurrency. It warned that:
Accounts are being emptied
Fake “Ledger Live” chrome extensions are used to collect user backup passphrases. They are advertised in Google searches and use Google Docs for collecting data. Accounts are being emptied and we have seen more than 200K XRP being stolen the past month alone.@Ledger @Google
— xrplorer forensics (@xrpforensics) March 24, 2020
The XRP forensics explorer only had data pertaining to XRP. However, it warned that all cryptocurrencies were at risk, saying:
We don’t have figures from other currencies. Don’t EVER download tools for your hardware wallet from other places than the vendor directly. The screenshot shows a POST request from an extension.
Rather alarmingly, a few hours later, the XRP tracker posted a second update. Its initial figures were nowhere near the true numbers. In actual fact, it was closer to 1.4M stolen XRP:
We were a bit quick to add a 200K XRP figure to this. It is close to 1.4M.
— xrplorer forensics (@xrpforensics) March 24, 2020
According to further analysis, the team was able to gather that while most of the stolen XRP was still held untouched in an account, some funds had recently been sold on HitBTC. The crypto exchange has been notified, however it has so far failed to officially respond to the issue.
Most are still in accounts, what has been cashed out has been so through @hitbtc
— xrplorer forensics (@xrpforensics) March 24, 2020
Always Follow Best Practices Online
This latest warning doesn’t just apply to XRP holders or even Ledger users. This is a wake-up call to everyone in the space. With north of $4.5bn worth of cryptocurrency stolen in 2019 alone, you should always follow best practices online.
That means never clicking on links through emails to reach your wallet or exchange account. Never downloading a plugin unless you’re 100% sure of the source, and bookmarking the official page so that you can trade and transact with confidence.
There are a lot of hackers and scammers in the cryptocurrency space looking to steal your funds. Don’t make their jobs any easier for them.
What do you make of the latest XRP scam? Let us know your thoughts in the comment section below!
Images via Shutterstock, Twitter @xrpforensics origin »
As per a tweet from the official MetaMask team, its popular Ethereum interfacing application was suddenly removed from the Google Chrome web store. For the uninitiated, MetaMask is an innovative plugin that allows its users to run and interact with Ethereum decentralized applications (DApps), requiring nothing but your browser and an internet connection.
21 июля Tron [TRX] представили свой новый проект «TronLink» — расширение для браузера, призванное повысить доступность блокчейна Tron, сообщает AMBCrypto. В своем официальном аккаунте в Твиттере Tron Foundation написали: Check out Tronlink, the Chrome extension built by @TronWatch! Developers will now be able to create and interact with DApps from a browser, a major step […]
Запись Разработчики Tron представили свое расширение для браузера Chrome впервые появилась Криптовалюта.Tech.
The other day, a friend called me and said that his Google Chrome browser is acting weirdly and may need reinstalling. According to him, every time he searched for something on Google some unknown website appeared with suspicious results.
Один из самых популярных криптокошельков MyEtherWallet второй раз за год пострадал от серьёзного нарушения безопасности после того, как широко используемый VPN-сервис Hola оказался скомпрометированным.
Представители популярного Ethereum-кошелька Myetherwallet заявили о том, что ряд пользователей могли стать жертвами хакеров. Речь идёт о тех, кто пользовался бесплатным VPN-сервисом Hola в браузере Chrome.
Пользователи криптовалютного кошелька MyEtherWallet (MEW), пользующиеся бесплатным VPN-плагином Hola, могли стать жертвами хакерской атаки. Urgent! If you have Hola chrome extension installed and used MEW within the last 24 hrs, please transfer your funds immediately to a brand new account! — MyEtherWallet.
With over 500 Million users, Adblock Plus could be considered a very popular plug-in/web browser extension. If you’re not aware of it, Adblock Plus is a piece of advert-blocking software that uses its inbuilt technology to block adverts within various different web browsers, from Safari to Internet Explorer, Google Chrome and Mozilla Firefox, to name but a few.
