Cyber security news for all


    Google removed 49 other malicious extensions that steal crypto data

    Google has blocked 49 extensions for the Chrome browser that masqueraded as cryptocurrency services but were actually meant to steal from users. Specifically, the malicious extensions disguised themselves as add-ons.

    There have been reports of thefts, probably due to these or similar extensions. Some of the extensions were also backed by a small network of fake users, who provided reviews and short review texts. The placement of the fake extensions was noticed last month, and their number then increased. This could mark the beginning of a wave, but it could also be the result of more precise detection and observation, which simply finds more cases.

    The current measure also punishes developers who are not at fault. The suspension can also become a problem for users if security gaps cannot be patched. The ban on publishing or updating affects all paid extensions. These include Chrome extensions that require a fee to be paid prior to installation, extensions that work on the basis of monthly subscriptions, and Chrome extensions that unlock various functions through one-time in-app purchases.

    Extensions Managed To Trick Users Into Installing Various Applications

    MyCrypto’s security director described the issue in detail in his recent contribution. He explained that the extensions managed to trick users into installing them by mimicking various applications. An example of this is Ledger, a case that has made headlines several times recently. Other examples are KeepKey, Trezor, MyEtherWallet and others.

    After the user installed them, the extensions would steal the wallet’s private keys and similarly sensitive data. MyCrypto also added that some of these extensions could be quite sophisticated, with entire networks of fake users who rated the app. These fake users would give the apps the best possible feedback to get others to use them. The extensions contain malicious files and can store any data that users enter. That data would then be forwarded either to a Google form or to a remote server operated by hackers.
