1.4M XRP Stolen via Fake ‘Ledger Live’ Chrome Extension; Still Available on Google

Only fools opt for bitcoin according to Peter Schiff…
March 25th 2020
Forte onboards 5 new partners to stimulate blockchain in gaming
March 25th 2020


Approximately 1.4 million XRP has been stolen from the users in the month of March alone through the use of a fake Google Chrome extension.

Through a thread of tweets released on March 24, a research group known as xrplorer forensics, revealed that hackers are stealing user backup passphrases through fraudulent Ledger Live extensions. Xplorer forensics stated:

“They are advertised in Google searches and use Google Docs for collecting data. Accounts are being emptied and we have seen more than 200K XRP being stolen the past month alone.”

twitter-tweet” data-width=”550″ data-dnt=”true”>

We don’t have figures from other currencies. Don’t EVER download tools for your hardware wallet from other places than the vendor directly. The screenshot shows a POST request from an extension. pic.twitter.com/ct4IreHeM4

— xrplorer forensics (@xrpforensics) March 24, 2020

After a while, xrplorer forensics revised the figure from 200k XRP to 1.4 million.

As per the researchers, the majority of the stolen XRP seems to be still intact in accounts, however, a proportion of it has already been cashed out through crypto exchange platform HitBTC.

The researchers have cautioned the public from downloading tools to use within their hardware wallets from different developers apart from the vendor directly. They particularly single out Ledger users and caution them from downloading tools apart from the manufacturer only.

By publication time, two ‘LedgerLive’ extensions are available on Google store for use with Chrome browser. The two extensions comprise of a couple of user reviews that are in tandem with xrplorer forensics warnings.

Through their Twitter account, xrplorer forensics has alleged that about 300 million XRP which is at the moment in different XRP accounts has been earmarked as fraudulent. The researchers claim that most of it has originated from the PlusToken exit scam. In their estimation, about 13 million XRP has originated from different scams and theft schemes.

The researchers have also called out crypto exchange platform bithunter.io, questioning why it didn’t observe the AML alerts for various big and reportedly suspicious transactions. As per the researchers, about a third of the entire XRP received by bithunter comes from suspicious accounts that are in their advisory list.

The researchers also caution other exchanges to be vigilant as scammers are currently consolidating their loot, urging them to be extra careful with the incoming payments.





Source link

XRP vi.be Editor
XRP vi.be Editor
Editor at XRPvi.be, gathering information and insights about Ripple, XRP and related things from around the internet. Opinions deriving from any content do not represent ours. All content copyrights are with the original creators and holders. By clicking on the 'source' link you can visit the originating place of the content.

Leave a Reply

Your email address will not be published. Required fields are marked *