{"id":21495,"date":"2020-01-03T12:06:57","date_gmt":"2020-01-03T11:06:57","guid":{"rendered":"https:\/\/crypto-economy.com\/?p=21495"},"modified":"2020-01-03T12:06:57","modified_gmt":"2020-01-03T11:06:57","slug":"twitter-user-warns-about-a-chrome-extension-malware-called-ledger-secure","status":"publish","type":"post","link":"https:\/\/crypto-economy.com\/twitter-user-warns-about-a-chrome-extension-malware-called-ledger-secure\/","title":{"rendered":"Twitter User Warns About a Chrome Extension Malware Called Ledger Secure"},"content":{"rendered":"

A Twitter user and software architect, named as WizardofAus, warns crypto community about malware contaminated Google Chrome extension called Ledger Secure.<\/span><\/p>\n

In a tweet posted on January 2, WizardofAus said that this is not a Ledger product<\/a><\/strong> asked users to remove it if they have installed it. WizardofAus\u2019 tweet reads:<\/span><\/p>\n

\u201cMalware Chrome extension alert <\/span><\/em><\/strong><\/p>\n

If you have “Ledger Secure” installed – REMOVE IT.<\/span><\/em><\/strong><\/p>\n

The @ChromeExtension “Ledger Secure” contains malware that passes your seed phrase back to the extension’s author. <\/span><\/em><\/strong><\/p>\n

This is *not* a @Ledgerproduct.<\/span><\/em><\/strong><\/p>\n

Successfully used against @hackedzec\u201d<\/span><\/em><\/strong><\/p>\n

The affected user mentioned in the tweet, hackedzec lost 600 ZEC, valued at approximately $16 K at the time of tweet,<\/span> in his Ledger Nano by the Chrome extension\u2019s creator. WizardofAus told in his next <\/span>tweet<\/span><\/a>.<\/span><\/strong><\/p>\n

WizardofAus also mentioned the Casa<\/a> <\/strong>founder Jeremy Welch\u2019s warnings last year against browser extension malware at the Bitcoin (BTC) event Baltic HoneyBadger in Riga.<\/span><\/p>\n

In his next<\/span> tweet<\/span><\/a><\/strong>, he outlined the risks posed by these products, and asked users to be diligent. He said:<\/span><\/p>\n

\u201c<\/em>Firstly, be very careful what extensions you install. If you’re using the same computer for your crypto as you use generally, be extra diligent.<\/em> <\/span><\/strong><\/p>\n

Better to have a separate minimal machine – or use a Virtual Machine that is the only place you do crypto activity.\u201d<\/span><\/em><\/strong><\/p>\n

\"crypto<\/p>\n

WizardofAus further <\/span>said<\/span><\/a><\/strong>:<\/span><\/p>\n

\u201c<\/em>For using software with your hardware wallets, use the wallet vendor’s software.<\/em> <\/span><\/strong><\/p>\n

When you get that software, check it comes from the vendor’s website, that the link is secure, and ideally you can validate the software checksum.<\/span><\/em><\/strong><\/p>\n

Please learn from others’ expensive lessons\u201d<\/span><\/em><\/strong><\/p>\n

Hackedzec<\/span> Twitter account was notably created in January 2020. The anatomy of the account shows that he created the account specifically to spread awareness following his experience of the malware.<\/span><\/p>\n

The Twitter handle of Ledger Support also <\/span>confirmed<\/span><\/a><\/strong> the detection of malware extension saying that this not a legitimate Ledger product.<\/span><\/p>\n

Ledger Secure is not the only Chrome extension that contains malware. On December 31, cybersecurity and anti-phishing expert Harry Denley also <\/span>warned<\/span> about<\/span> an Ethereum (ETH) wallet known as Shitcoin Wallet<\/span> reportedly injecting malicious JavaScript code from open browser windows to steal data from its users. According to Denley, this Chrome browser crypto wallet is<\/span> attacking MyEtherWallet and other well-known websites containing users\u2019 passwords and private keys to cryptocurrency.<\/span><\/p>\n

The number of cryptojacking activities was on rise in 2019 as a <\/span>report<\/span><\/a><\/strong> f<\/span>rom McFee Labs published in August 2019, revealed that cryptojacking raised 29% just in the first quarter of 2019. <\/span><\/p>\n

\n","protected":false},"excerpt":{"rendered":"

A Twitter user and software architect, named as WizardofAus, warns crypto community about malware contaminated Google Chrome extension called Ledger Secure.<\/p>\n","protected":false},"author":4,"featured_media":21499,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[84,74],"tags":[4746,5001],"_links":{"self":[{"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/posts\/21495"}],"collection":[{"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/comments?post=21495"}],"version-history":[{"count":0,"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/posts\/21495\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/media\/21499"}],"wp:attachment":[{"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/media?parent=21495"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/categories?post=21495"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crypto-economy.com\/wp-json\/wp\/v2\/tags?post=21495"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}