DESCRIPTION OF EVENTS
"The Next Frontier of Crypto Security. Protect your cryptocurrencies, store your private keys offline, and safeguard your assets from hackers. It’s time to achieve financial freedom in the most secure way with KeepKey."
"Beginning in June 2020, Google will be ending support for the Chrome Apps. We recommend all KeepKey Chrome App Client users move to the ShapeShift Platform. The platform allows you to send, receive, trade, and securely hold your KeepKey assets."
"[T]here are scam versions which can steal your money. Use your KeepKey ONLY with the ShapeShift web platform." "ShapeShift owns and operates the reputable hardware wallet known as KeepKey. It has come to our attention that a malicious actor published a malicious KeepKey extension on the Google Chrome app store. This malicious extension is designed to look like our legitimate KeepKey extension, which is also available in the Google Chrome app store. When a user installs the malicious extension, they are asked to enter their wallet seed phrase, which can be used to unlock the funds on a KeepKey."
"This is different from how KeepKey’s extension works: our extension never asks the user to enter their wallet seed phrase. At the time of this post, we know of at least one unsuspecting KeepKey user who apparently entered their seed phrase into this malicious extension - resulting in the phrase being sent to the attacker. The user’s cryptocurrency was then stolen by the malicious actor or actors now in possession of the user’s seed phrase."
"ShapeShift has taken swift action to combat this malicious software. Our team has filed multiple reports with the Google Chrome app store requesting the removal of the malicious extension. We have also located the hosting service that is hosting the website to which seed phrases were sent and filed the appropriate requests. We have reported this bad actor to the Federal Bureau of Investigation in order to further protect our users. Unfortunately, this is a cat and mouse game consisting of moving targets as new malicious extensions are being detected daily."
"The KeepKey Chrome app has been retired."
KeepKey had a Google Chrome extension which users could previously use to manage their funds. A malicious version of the extension was created and made available for download. At least one unsuspecting user downloaded and installed the malicious extension, which requested them to enter their seed phrase.
HOW COULD THIS HAVE BEEN PREVENTED?
Always download wallets starting from the official source. Always test new wallets with smaller balances. Keep the majority of funds fully offline unless actively using them.
KeepKey - Hardware Wallet | ShapeShift (May 2)
https://shapeshift.zendesk.com/hc/en-us/articles/360013876999-End-of-KeepKey-Chrome-App-Do-Not-Use (Jun 4)
ShapeShift Security Update: KeepKey Client (Jun 4)
KeepKey Client - Chrome Web Store (Jun 4)