Cryptocurrency hardware wallet manufacturer Ledger has issued a warning to users over a new phishing attack using an extension in Google Chrome.
According to a tweet, Ledger alerted users to a fraudulent Chrome extension which asks users to enter their 24-word recovery phrase. The tweet reminds Ledger clients to never share their recovery phrase or enter it in an internet-connected device.
A fake Chrome extension has been found, asking to enter your 24 word recover phrase
⚠️NEVER share your 24 words
⚠️NEVER enter your 24 words into any internet-connected device
⚠️Ledger will NEVER ask for your 24 words
— Ledger Support (@Ledger_Support) March 5, 2020
The attack was first reported by Catalin Cimpanu, a cybersecurity reporter for business technology outlet ZDNet. The fraudulent Chrome extension, called Ledger Live, mimics the mobile and desktop application Leger Live which allows clients to sync their hardware wallet with a secured device.
Once installed, users are asked to enter their 24-word seed phrase into the extension, which collects the data via a Google Form. Attackers can then use the recovery phrase to access a user’s Ledger wallet and “recover” the funds to a different account.
Harry Denley, Director of Security at MyCrypto, told ZDNet,
The extension makes no sense to install and use because it defeats the purpose of having a hardware wallet with your secrets offline.
While the extension has been removed from the Google Chrome Web Store, the ZDNet report claims it was downloaded at least 120 times.
Featured Image Credit: Photo via Pixabay.com