![]() As a KeepKey user, you can help to protect your funds by: Unfortunately, this is a cat and mouse game consisting of moving targets as new malicious extensions are being detected daily. We have reported this bad actor to the Federal Bureau of Investigation in order to further protect our users. We have also located the hosting service that is hosting the website to which seed phrases were sent and filed the appropriate requests. ![]() Our team has filed multiple reports with the Google Chrome app store requesting the removal of the malicious extension. ShapeShift has taken swift action to combat this malicious software. The user’s cryptocurrency was then stolen by the malicious actor or actors now in possession of the user’s seed phrase. At the time of this post, we know of at least one unsuspecting KeepKey user who apparently entered their seed phrase into this malicious extension - resulting in the phrase being sent to the attacker. This is different from how KeepKey’s extension works: our extension never asks the user to enter their wallet seed phrase. When a user installs the malicious extension, they are asked to enter their wallet seed phrase, which can be used to unlock the funds on a KeepKey. This malicious extension is designed to look like our legitimate KeepKey extension, which is also available in the Google Chrome app store. It has come to our attention that a malicious actor published a malicious KeepKey extension on the Google Chrome app store. ShapeShift owns and operates the reputable hardware wallet known as KeepKey.
0 Comments
Leave a Reply. |