Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on January 3, 2020

Dodgy Google Chrome extension reportedly causes $16K crypto theft

They lost 600 Zcash


Dodgy Google Chrome extension reportedly causes $16K crypto theft

A malicious Google Chrome extension reportedly cost one user around $16,000 worth of cryptocurrency.

A bogus extension called “Ledger Secure,” that passes itself off as a cryptocurrency wallet, is believed to be responsible for the loss, Decrypt reports. The app allegedly sends a user’s seed phrase back to its creators. With the seed phrase, bad actors can access another individual’s cryptocurrency illegitimately.

It should be noted that French company Ledger is not affiliated to the “Ledger Secure” extension.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol' founder Boris, and some questionable AI art. It's free, every week, in your inbox. Sign up now!

In a tweet following the phishing scam, Ledger warned that “Ledger Secure” is not a legitimate application. It urged users to report the extension to encourage Google to remove it.

The affected Twitter user, now going by the handle “hackedzec”, claims the extension led to them losing 600 ZEC — about $16,000 at the time of writing.

The victim says they only entered their seed phrase into their computer once, about two years ago. They also say they photocopied their seed phrase using a WiFi-connected printer once as well. It’s difficult to say if these two instances were to blame. How the malicious extension got hold of their seed phrase is unclear.

The victim became aware of the shady extension after they reportedly found a file on their computer that linked to a Twitter account for the fake “Ledger Secure” extension. The Twitter account appears to pass itself off as a legitimate Ledger account.

It seems Google is still a bit hit-and-miss when it comes to removing illicit cryptocurrency apps from its Play Store and browser extensions.

This news comes in the same week that MetaMask was removed from — and swiftly reinstated to — Google’s Play Store after thinking it was a cryptocurrency mining app.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with