Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
A fraudulent Google Chrome extension has allegedly stolen as much 1.4 million XRP from users this month alone.
A fraudulent Google Chrome extension has allegedly stolen as much 1.4 million XRP from users this month alone.
In a series of tweets published on March 24, the research team âxrplorer forensicsâ claimed that fake Ledger Live extensions are being used to collect user backup passphrases:
âThey are advertised in Google searches and use Google Docs for collecting data. Accounts are being emptied and we have seen more than 200K XRP being stolen the past month alone.â
Revising this initial figure, xrplorer forensics later amended its estimate to âclose to 1.4M.â
The fraudulent extension is still available on Google Store
According to the researchers, most of the stolen XRP appears to still be held in accounts, with a proportion cashed out via the crypto exchange HitBTC.
Sharing a screenshot of a post request from the alleged scam, xrplorer forensics warned the community against downloading tools for their hardware wallets from any developer other than the vendor directly â in this case, French crypto hardware wallet manufacturer, Ledger.Â
Screenshot of the alleged Ledger Live XRP phishing scheme. Source: @xrpforensics
As of press time, two "Ledger Live" extensions appear on the Google store for the Chrome browser, both of which include multiple user reviews that appear to corroborate xrplorer forensicsâ warnings against the scam.
Exchanges should be on the alert
In a series of parallel tweets between March 20 and March 25, xrplorer forensics claimed that close to 300 million XRP currently residing in XRP accounts is flagged as fraudulent.
The vast majority of it, they claim, comes from the PlusToken exit scam. 13 million XRP is, in their estimation, derived from other thefts and scams.
In a tweet today addressed to crypto exchange bithunter.io, the researchers asked why AML (anti-money-laundering) alerts were not observed for a series of large and allegedly suspicious transactions. They contend that one-third of all XRP bithunter has received is from suspect accounts on their advisory list.
As of March 20, the researchers said they had been noticing a âconsolidation of funds from various scams happening right now,â appealing to exchanges to stay alert to the nature of incoming payments.
Repeat warnings
At the start of this month, Ledger had itself cautioned its users against the fake Ledger Live extension â first discovered by Harry Denley, director of security at blockchain interface platform MyCrypto. Denley, like xrplorer forensics, had identified that the fake extension was being propagated by a GoogleAds campaign.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.