Cryptocurrency hardware wallet manufacturer Ledger has reportedly issued a warning over a fraudulent Google Chrome extension. Ledger has alerted users to a fraudulent Chrome extension which asks users to enter their 24-word recovery phrase. The tweet, which alerted users to the extension warning, reminds Ledger clients to never share their recovery phrase or enter it in an internet-connected device.
The attack was first reported by Catalin Cimpanu, a cybersecurity reporter for business technology outlet ZDNet. The fraudulent Chrome extension, called Ledger Live, mimics the mobile and desktop application Leger Live which allows clients to sync their hardware wallet with a secured device.
Once installed, users are asked to enter their 24-word seed phrase into the extension, which collects the data via a Google Form. Attackers can then use the recovery phrase to access a user’s Ledger wallet and “recover” the funds to a different account.
While the extension has been removed from the Google Chrome Web Store, the ZDNet report claims it was downloaded at least 120 times.