Google has removed several Chrome extensions caught mimicking legitimate crypto-wallet apps in order to steal users’ private keys and mnemonic phrases…
Chrome extensions offer a number of extra functions. Some help to speed up page load time. Others check for coupon/discount codes. But that’s certainly not all. In fact, Chrome extensions can do just about anything. Unfortunately, these programs can also be exploited by nefarious characters.
Google Removes 49 Chrome Extensions for Stealing Crypto-Wallet Keys
Google has removed almost fifty Chrome extensions for stealing users’ crypto-wallet keys and mnemonic phrases, according to a recent report by ZDNet. The scam extensions were discovered by Harry Denley, Director of Security at the MyCrypto platform.
Denley explains that the 49 extensions appear to have been created by the same group or person, believed to be a Russian-based threat actor. The malicious extensions posed as legitimate crypto-wallet apps, including Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey.
The fraudulent plugins worked almost exactly like the real ones. But when a victim used the app, his or her private information was sent to the attacker’s server or to a Google Form. The perpetrator has not been identified, and victims won’t be able to recover any stolen funds, due to the very nature of how cryptocurrencies work.