Malware Chrome extension steals $16,000 from Ledger wallet user

If you have a Google Chrome extension named ‘Ledger Secure’ installed, you should consider removing it immediately. Confirmed reports claim that the extension is actually malware capable of stealing crypto from Ledger hardware wallets.

Early Thursday morning, a software architect who goes by the username WizardofAus (@BTCSchellingPt) tweeted a warning that the extension was not a legitimate Ledger extension but was, in fact, a malicious piece of crypto-stealing malware.

According to WizardofAus, the malware has already claimed at least one victim, allegedly stealing 600 ZEC – roughly US$16,000 – from Twitter user @hackedzec.

Following the installation of the Ledger Secure extension and the subsequent theft of his ZEC, @hackedzec noted that he had found code on his computer that led him to conclude he had been phished, along with a “random file” that he was able to trace to a Twitter account promoting the extension.

Ledger’s official support Twitter account confirmed that the malware is not a legitimate Ledger application and is encouraging anyone who may have installed it to contact the company and report it to Google.

An expensive lesson learned

This incident serves to remind us to pay close attention to what we download and which websites we access.

To help ensure that the app or extension you are installing is legitimate, it is a good idea to download it directly from the provider whenever possible.

If you see an app in a repository that isn’t on the provider’s website, don’t be shy about contacting them to ask if it is a legitimate app.

And if you’re using the same device to manage your crypto assets that you use for general online use, be extra diligent.

Even better, have a separate machine – or at least a Virtual Machine – that is reserved solely for your crypto activities.

Hackers fancy crypto wallets

This is not the first time that hackers have targeted crypto wallet users. Only last October, hackers used Russian malware to launch a widespread botnet attack on cryptocurrency wallets.

Part of the reason they are so often targeted is the availability of cheap tools enabling them to do so.

Cybersecurity firm Prevailion recently wrote about a massive ongoing cyber-crime campaign called MasterMana Botnet, which targeted, among other things, cryptocurrency wallets.

The software used by the hackers in these attacks sells for as little as $100 online.

And just last month, Micky reported on a botnet that would be capable of bringing down the Bitcoin Lightning Network for around $400.

An update on the stolen ZEC

Less than an hour ago, the victim of the Ledger Secure malware posted an update on Twitter claiming to have tracked down 300 of the 600 stolen ZEC.

According to @hackedzec, the stolen coins have been transferred to two separate wallets on an exchange. There has been no word yet as to which exchange the coins were sent to or if the victim has been in contact with the exchange.
