|
Title: {Warning}: Ledger extension phishing attempts Post by: Baofeng on March 05, 2020, 05:47:49 AM https://i.ibb.co/8jhBHMn/Screen-Shot-2020-03-05-at-1-41-07-PM.png (https://ibb.co/9qMv7nm)
https://twitter.com/sniko_/status/1235345036382003206 Another one discovered hours ago, and it was thru Google ads, so if you go to Google and type Ledger Live, this will be on the top, ahead of the official and legit Ledger website, be careful not to get phished. https://i.ibb.co/yShhQkW/Screen-Shot-2020-03-05-at-1-47-02-PM.png (https://ibb.co/wsJJzQM) Title: Re: {Warning}: Ledger extension phishing attempts Post by: o_e_l_e_o on March 05, 2020, 10:00:14 AM People need to stop installing random software they come across and stop using Google to find services they want to use. Google serves up malicious ads constantly, and hosts malicious extensions and apps on their web stores constantly. They don't care about your security or privacy - they care about making money. If a scammer will pay to advertise their malicious site, Google will happily accept it.
Stop using Google altogether. They invade your privacy and serve you with malicious ads. Swap to a better search engine such as DuckDuckGo or SearX. Install the uBlock Origin extension to block ads altogether. Don't search for products, services, apps, extensions, etc., you want to use. Visit the official site and go from there. Don't download any software, app, or extension, without really asking your self if you really need it. Never enter your seed phrase on random sites or programs which ask for it. Title: Re: {Warning}: Ledger extension phishing attempts Post by: Lucius on March 05, 2020, 11:52:36 AM Is this something new of which we have not been aware for at least 6 months or more? There is a warning on Ledger Reddit (https://www.reddit.com/r/ledgerwallet/comments/ck6o44/be_careful_phishing_attacks_in_progress/) from 7 months ago, and I posted warning last year in this topic (https://bitcointalk.org/index.php?topic=5198563.msg52979648#msg52979648). The most important thing is that the seed should never be enter anywhere other than the hardware wallet, learn that and all those fake sites and extensions will not pose any threat.
Title: Re: {Warning}: Ledger extension phishing attempts Post by: dkbit98 on March 05, 2020, 12:04:12 PM This extension is now down and removed from Google store, but people need to watch out what extensions they are installing.
I saw article on ZDNet with more details: https://www.zdnet.com/article/malicious-chrome-extension-caught-stealing-ledger-wallet-recovery-seeds/ Title: Re: {Warning}: Ledger extension phishing attempts Post by: Baofeng on March 07, 2020, 12:24:03 AM This extension is now down and removed from Google store, but people need to watch out what extensions they are installing. I saw article on ZDNet with more details: https://www.zdnet.com/article/malicious-chrome-extension-caught-stealing-ledger-wallet-recovery-seeds/ Yes, it was taken down already, Code: https://chrome.google.com/webstore/detail/ledger-live/idnelecdpebmbpnmambnpcjogingdfco I wasn't able to archived it though, but I did see something like 100++ downloads prior to Google taking it down. I do hope that those who downloaded it didn't lose any of their precious coins. |
