Quadriga Initiative Logo.png

QUADRIGA INITIATIVE

CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM

A COMMUNITY-BASED, NOT-FOR-PROFIT

UNKNOWN

APRIL 2020

GLOBAL

KEEPKEY

DESCRIPTION OF EVENTS

"The Next Frontier of Crypto Security. Protect your cryptocurrencies, store your private keys offline, and safeguard your assets from hackers. It’s time to achieve financial freedom in the most secure way with KeepKey."

 

"Beginning in June 2020, Google will be ending support for the Chrome Apps. We recommend all KeepKey Chrome App Client users move to the ShapeShift Platform. The platform allows you to send, receive, trade, and securely hold your KeepKey assets."

 

"[T]here are scam versions which can steal your money. Use your KeepKey ONLY with the ShapeShift web platform." "ShapeShift owns and operates the reputable hardware wallet known as KeepKey. It has come to our attention that a malicious actor published a malicious KeepKey extension on the Google Chrome app store. This malicious extension is designed to look like our legitimate KeepKey extension, which is also available in the Google Chrome app store. When a user installs the malicious extension, they are asked to enter their wallet seed phrase, which can be used to unlock the funds on a KeepKey."

 

"This is different from how KeepKey’s extension works: our extension never asks the user to enter their wallet seed phrase. At the time of this post, we know of at least one unsuspecting KeepKey user who apparently entered their seed phrase into this malicious extension - resulting in the phrase being sent to the attacker. The user’s cryptocurrency was then stolen by the malicious actor or actors now in possession of the user’s seed phrase."

 

"ShapeShift has taken swift action to combat this malicious software. Our team has filed multiple reports with the Google Chrome app store requesting the removal of the malicious extension. We have also located the hosting service that is hosting the website to which seed phrases were sent and filed the appropriate requests. We have reported this bad actor to the Federal Bureau of Investigation in order to further protect our users. Unfortunately, this is a cat and mouse game consisting of moving targets as new malicious extensions are being detected daily."

 

"The KeepKey Chrome app has been retired."

KeepKey had a Google Chrome extension which users could previously use to manage their funds. A malicious version of the extension was created and made available for download. At least one unsuspecting user downloaded and installed the malicious extension, which requested them to enter their seed phrase.

HOW COULD THIS HAVE BEEN PREVENTED?

Always download wallets starting from the official source. Always test new wallets with smaller balances. Keep the majority of funds fully offline unless actively using them.

 

Check Our Framework For Safe Secure Exchange Platforms

KeepKey - Hardware Wallet | ShapeShift (May 2)
https://shapeshift.zendesk.com/hc/en-us/articles/360013876999-End-of-KeepKey-Chrome-App-Do-Not-Use (Jun 4)
ShapeShift Security Update: KeepKey Client (Jun 4)
KeepKey Client - Chrome Web Store (Jun 4)

Sources And Further Reading

More case studies

Etheroll Fork
Manipulation

Uniswap ERC777
Reentrancy Attack

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.