Twitter User Warns About a Chrome Extension Malware Called Ledger Secure

Twitter User Warns About a Chrome Extension Malware Called Ledger Secure

A Twitter user and software architect, named as WizardofAus, warns crypto community about malware contaminated Google Chrome extension called Ledger Secure.

In a tweet posted on January 2, WizardofAus said that this is not a Ledger product asked users to remove it if they have installed it. WizardofAus’ tweet reads:

Malware Chrome extension alert

If you have “Ledger Secure” installed – REMOVE IT.

The @ChromeExtension “Ledger Secure” contains malware that passes your seed phrase back to the extension’s author.

This is *not* a @Ledgerproduct.

Successfully used against @hackedzec”

The affected user mentioned in the tweet, hackedzec lost 600 ZEC, valued at approximately $16 K at the time of tweet, in his Ledger Nano by the Chrome extension’s creator. WizardofAus told in his next tweet.

WizardofAus also mentioned the Casa founder Jeremy Welch’s warnings last year against browser extension malware at the Bitcoin (BTC) event Baltic HoneyBadger in Riga.

In his next tweet, he outlined the risks posed by these products, and asked users to be diligent. He said:

Firstly, be very careful what extensions you install. If you’re using the same computer for your crypto as you use generally, be extra diligent.

Better to have a separate minimal machine – or use a Virtual Machine that is the only place you do crypto activity.”

crypto security

WizardofAus further said:

For using software with your hardware wallets, use the wallet vendor’s software.

When you get that software, check it comes from the vendor’s website, that the link is secure, and ideally you can validate the software checksum.

Please learn from others’ expensive lessons”

Hackedzec Twitter account was notably created in January 2020. The anatomy of the account shows that he created the account specifically to spread awareness following his experience of the malware.

The Twitter handle of Ledger Support also confirmed the detection of malware extension saying that this not a legitimate Ledger product.

Ledger Secure is not the only Chrome extension that contains malware. On December 31, cybersecurity and anti-phishing expert Harry Denley also warned about an Ethereum (ETH) wallet known as Shitcoin Wallet reportedly injecting malicious JavaScript code from open browser windows to steal data from its users. According to Denley, this Chrome browser crypto wallet is attacking MyEtherWallet and other well-known websites containing users’ passwords and private keys to cryptocurrency.

The number of cryptojacking activities was on rise in 2019 as a report from McFee Labs published in August 2019, revealed that cryptojacking raised 29% just in the first quarter of 2019.