Author

Topic: Stolen recovery seeds by malicious Chrome extensions. (Read 104 times)

legendary
Activity: 2772
Merit: 1028
Duelbits.com
Malicious Ledger Live app is used for stealing the recovery seed after connecting the hardware wallet device. The well-designed Chrome extension tries to trick users into thinking this is the original version of the Ledger Live app while the app, in reality, collects and sends the user's Ledger seed phrase to a Google Form. The google ADS are heavily used for advertising the extension and 120 users have downloaded it. Be careful with third-party apps and never try the risky apps from unknown sources. Source for rest of research.
Jump to: