Investigation: Counterfeit Chrome extension "Ledger Live" has stolen more than 200,000 XRP last month

In a recent survey, "xrplorer forensics" found that "Ledger Live" is a fraudulent Google Chrome extension that collects users' backup passwords. xrplorer forensics revealed in a series of tweets that these extensions advertised on Google search and used Google Docs to collect data: "Accounts were emptied and more than 200,000 XRP were stolen last month alone. We have no other cryptocurrency Data. Never download tools for hardware wallets directly from outside the vendor. Screenshots show extended POST requests. Most of these XRPs are cashed through HitBTC. "Previously, Harry, the security director of the MyCrypto platform Denley found a Chrome extension called Ledger Live that attempts to impersonate a real Ledger Live app, get the recovery seed (the 12 or 24 word mnemonic set when the Ledger wallet was created) and steal assets.