Fake Ledger Live: Chrome extension stole over 200K XRP in last month alone, report claims

A Fake Ledger Live extension on Google Chrome has been stealing crypto assets from the accounts of its users. The extension has stolen over 200k XRP coins in the last month alone, with the total stolen amount being close to 1.4 million XRP coins. The case was reported by “xplorer forensics” in a series of Twitter updates on 24 March.

Fake Ledger Live

The Tweets also revealed that the Fake Ledger Live extension is used to collect backup passphrases by scanning user data. The extension is advertised in Google searches and uses Google Docs for collecting data. After collecting appropriate information, the extension is then used to empty the accounts of the user. The researchers claim they tracked the theft of over 200K XRP in the last month.

As per the researchers, most of the stolen XRP coins are held in accounts, while a fraction of them was cased through the crypto exchange platform HitBTC.

The researchers shared a screenshot of a post request from the alleged scam while warning the community against such tools. The researchers warned people from downloading tools for their hardware wallets from any source other than the vendor directly.

Currently, there are two Ledger Live extensions available on the Google Store for the Chrome browser. However, both of these browsers contain multiple reviews seemingly from xplorer forensics warning people against the scam. 

Xplorer forensics also revealed that nearly 300 million XRP coins held in XR{ accounts are flagged as fraudulent. They claim that the majority of these assets come from PlusToken exit scam, while 13 million XRP comes from other thefts and scams.

Featured image by pixabay.

Uncategorized

About the author