Bitcoin Forum>Other>Beginners & Help
Pages:
Author

Topic: Opps, Google did it again - page 2. (Read 382 times)

cryptomaniac_xxx
hero member
Activity: 1344
Merit: 540
Re: Opps, Google did it again
July 20, 2020, 10:16:27 AM
#1
1. Go to Google

2. Type "ledger live'

3. The first search returns an Ad, looks legit right?



4. But when you click on it, you will be redirected to ... wait for it.

5. A fake and malicious apps on their Google chrome store.

Code:
https://chrome.google.com/webstore/detail/nanoledger/oiekmlochkbifklpcbokmbbpihdneoln



Checking a bit further (curiosity kicks in), looking at the manifest.json, seems to be writing to a google docs file here:
Code:
https://clients2.google.com/service/update2/crx

Below is the complete code.

Code:
{
   "browser_action": {
      "default_icon": {
         "256": "icons/icon-256.png"
      },
      "default_popup": "index.html",
      "default_title": "NanoLedger"
   },
   "description": "New NanoLedger, more secure, fast confirm transaction.",
   "icons": {
      "128": "icons/icon-128.png",
      "16": "icons/icon-16.png",
      "32": "icons/icon-32.png",
      "64": "icons/icon-64.png"
   },
   "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgx54FjY2SgL8lJFz8BdKMXyOUbI2vCy20X15LMjcPPQpHLDLXWx1j2kVU3NuiL6mA80IbYfZWcs2I0/c0+st30ktRbSbGtoUVenJtWbBzMxHT2vnYe8SzjGwY6nCH467QrW6Yakfb2auHWmTDu380mV2Cx8lW47K9fnGS8d4t9suXSrjZFyo4prBEO5JK7w4xDiGHMXJw4iql3DmoQcBxZGSZiS8jhy54UOjB3Tr6u1vJITSCV2CPmr7+8sHpDCffjXJ6cIiJ6N5eD/nY3mSEuwuhy78NKnTuxsBUJTRlkf6nYWntVeEgfw7PE+rN0u+ZS8pTdQLRy7PNt//5gzp5wIDAQAB",
   "manifest_version": 2,
   "name": "NanoLedger",
   "update_url": "https://clients2.google.com/service/update2/crx",
   "version": "1.0"

So please kindly help me report this malicious apps...
Pages:
Bitcoin Forum>Other>Beginners & Help
Jump to: