{"id":21495,"date":"2020-01-03T12:06:57","date_gmt":"2020-01-03T11:06:57","guid":{"rendered":"https:\/\/crypto-economy.com\/?p=21495"},"modified":"2020-01-03T12:06:57","modified_gmt":"2020-01-03T11:06:57","slug":"twitter-user-warns-about-a-chrome-extension-malware-called-ledger-secure","status":"publish","type":"post","link":"https:\/\/crypto-economy.com\/twitter-user-warns-about-a-chrome-extension-malware-called-ledger-secure\/","title":{"rendered":"Twitter User Warns About a Chrome Extension Malware Called Ledger Secure"},"content":{"rendered":"
A Twitter user and software architect, named as WizardofAus, warns crypto community about malware contaminated Google Chrome extension called Ledger Secure.<\/span><\/p>\n In a tweet posted on January 2, WizardofAus said that this is not a Ledger product<\/a><\/strong> asked users to remove it if they have installed it. WizardofAus\u2019 tweet reads:<\/span><\/p>\n \u201cMalware Chrome extension alert <\/span><\/em><\/strong><\/p>\n If you have “Ledger Secure” installed – REMOVE IT.<\/span><\/em><\/strong><\/p>\n The @ChromeExtension “Ledger Secure” contains malware that passes your seed phrase back to the extension’s author. <\/span><\/em><\/strong><\/p>\n This is *not* a @Ledgerproduct.<\/span><\/em><\/strong><\/p>\n Successfully used against @hackedzec\u201d<\/span><\/em><\/strong><\/p>\n The affected user mentioned in the tweet, hackedzec lost 600 ZEC, valued at approximately $16 K at the time of tweet,<\/span> in his Ledger Nano by the Chrome extension\u2019s creator. WizardofAus told in his next <\/span>tweet<\/span><\/a>.<\/span><\/strong><\/p>\n WizardofAus also mentioned the Casa<\/a> <\/strong>founder Jeremy Welch\u2019s warnings last year against browser extension malware at the Bitcoin (BTC) event Baltic HoneyBadger in Riga.<\/span><\/p>\n In his next<\/span> tweet<\/span><\/a><\/strong>, he outlined the risks posed by these products, and asked users to be diligent. He said:<\/span><\/p>\n \u201c<\/em>Firstly, be very careful what extensions you install. If you’re using the same computer for your crypto as you use generally, be extra diligent.<\/em> <\/span><\/strong><\/p>\n Better to have a separate minimal machine – or use a Virtual Machine that is the only place you do crypto activity.\u201d<\/span><\/em><\/strong><\/p>\n <\/p>\n WizardofAus further <\/span>said<\/span><\/a><\/strong>:<\/span><\/p>\n \u201c<\/em>For using software with your hardware wallets, use the wallet vendor’s software.<\/em> <\/span><\/strong><\/p>\n When you get that software, check it comes from the vendor’s website, that the link is secure, and ideally you can validate the software checksum.<\/span><\/em><\/strong><\/p>\n Please learn from others’ expensive lessons\u201d<\/span><\/em><\/strong><\/p>\n Hackedzec<\/span> Twitter account was notably created in January 2020. The anatomy of the account shows that he created the account specifically to spread awareness following his experience of the malware.<\/span><\/p>\n