Malicious Chrome Extension Stole Ledger Wallet Data

Tomcat


MyCrypto has discovered a malicious "Ledger Live" Chrome extension being actively advertised on Google. It masqueraded as the real Ledger Live tool for owners of Ledger hardware wallets on their mobile or desktop devices.

The scammers diligently maintained the appearance that the fake was the official Chrome version of Ledger Live, which supposedly lets you carry out exactly the same operations through the browser (check balances, confirm transactions). Instead, the fake prompted users to install the extension and "sync" it with their Ledger device by entering the wallet seed phrase.

A seed phrase is a 24-word string that is used to move wallet data between devices, as a recovery system in case a user loses or wants to change a device.

In essence, the fraudulent extension did nothing else: it simply showed a pop-up window asking for the seed phrase and, using a Google Form, collected that data and sent it to its operators.


The scammers could then use the stolen seed phrases with their own Ledger wallet and "recover" other users' wallets (to gain access to their accounts and steal funds). Since Ledger hardware wallets can handle over 20 different cryptocurrencies, a hacker who manages to steal the seed can gain access to a lot of money.

The extension is currently still available on the official Chrome Web Store and has over 120 installations. In addition, according to the researcher, the extension is actively advertised through Google Ads using the keywords "Ledger Live".