Naked Security, an award-winning threat newsroom specialized in opinion, advice, and research on computer security issues and the latest internet threats, has published a piece detailing a new thread found in some Google Chrome web browser extensions.
According to the news outlet, Harry Denley, a security researcher who specializes in cryptocurrency threads, discovered 22 Chrome browser extensions that were being used to steal user’s cryptocurrencies. The malicious extensions attempted to misguide and confuse users, making them believe they were other well-known apps such as Ledger, MetaMask, KeepKey, and Jaxx. Through these Google Chrome web browsers, hackers would trick users into giving away their login information to access their cryptocurrency wallets.
As detailed in the report, most of these extensions have been taken down by now. Thanks to Denley’s report, the extensions were taken out in the first 24 hours after being discovered. As previously reported, this type of phishing scam is nothing new to the crypto community. In fact, since the surge of Bitcoin, this type of scams have increased exponentially.
Google has been trying to fight scammers by updating its rules for Chrome extensions, making it more difficult for them to upload fraudulent web extensions. In April alone, Google took down approximately 50 phishing Chrome we extensions, after users reported malicious activity.
Last year, another security firm called ESET Security Solutions also discovered an app with malware called “clipper”, stored within another app that was simulating to be one of the biggest wallet extension apps for Chrome and other navigators, MetaMask. According to ESET Security Solutions:
The clipper we found lurking in the Google Play store, detected by ESET security solutions as Android/Clipper.C, impersonates a legitimate service called MetaMask. The malware’s primary purpose is to steal the victim’s credentials and private keys to gain control over the victim’s Ethereum funds. However, it can also replace a Bitcoin or Ethereum wallet address copied to the clipboard with one belonging to the attacker.
With more scammers looking to steal other people’s digital assets, it is essential always to use reliable sources to download any apps. Especially if it comes to cryptocurrency wallet extensions, it is recommendable for users to go to the main website of the company who developed the crypto wallet, and find a link to download the app or web extension there. This way, it is guaranteed that you will be downloading the right app and that your information is safe from phishing attempts.