Twitter user and software builder WizardofAus (@BTCSchellingPt) has warned cryptocurrency holders against a Chrome extension for Ledger crypto wallets that allegedly contains malware.

In a tweet posted on Jan ii., WizardofAus claimed that:

"Malware Chrome extension alert. If yous have "Ledger Secure" installed - REMOVE It. The @ChromeExtension "Ledger Secure" contains malware that passes your seed phrase back to the extension'south author. This is *non* a @Ledger production. Successfully used against @hackedzec."

"@hackedzec"'s Twitter handle was notably created in Jan. 2022; both the handle's novelty and the chosen name suggest that he created the business relationship specifically to spread sensation following his experience of the malware.

The official Ledger Back up Twitter handle confirmed the detection of the extension malware on Jan. two, using the header "PHISHING Alarm."

Onetime Trezor executive and contributor to the "Little Bitcoin Book" Alena Vranova retweeted WizardofAus' tweet with the comment: "some other proof that the give-and-take 'secure' does non imply security."

Learning from others' expensive mistakes

In WizardofAus' account, 600 in Zcash (ZEC) — worth roughly $sixteen,000 past press time — was stolen from @hackedzec's holdings in his Ledger Nano by the Chrome extension'southward creator.

Referring to Casa founder Jeremy Welch'due south warnings last year against browser extension malware at the Bitcoin (BTC) event Baltic HoneyBadger in Riga, WizardofAus outlined the risks posed past these products — and what users can practise to protect themselves:

"Firstly, be very careful what extensions you install. If you lot're using the same computer for your crypto every bit y'all employ generally, be extra diligent. Ameliorate to take a separate minimal machine - or use a Virtual Motorcar that is the only place you lot do crypto activeness."

Other due diligence includes using merely the wallet vendor's proprietary software — in this case, Ledger'south — and double-checking that it really comes from the vendor's website via a secure link.

Users tin can also verify the checksum of the downloaded file earlier running the software. A checksum, besides known as a hash, is a hexadecimal number that is unique to the installer .exe file created past the writer. The downloaded file, assuming it has non been tampered with by a tertiary political party, should match the checksum on the vendor's site.

Browser risks

Just 2 days ago, Cointelegraph reported on an Ethereum (ETH) wallet Chrome browser extension known as "Shitcoin Wallet" that has reportedly been injecting malicious javascript code from open up browser windows to steal data from its users.