Security News > 2020 > April > 49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets
Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
"Essentially, the extensions are phishing for secrets - mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto.
All the extensions functioned alike, the only difference being the cryptocurrency wallet brands that were impacted - such as Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey - via 14 unique command-and-control servers that received the phished data.
Data stealing extensions have been a regular occurrence on the Chrome Web Store, leading Google to purge them as soon as they're discovered.
Back in February, the company removed 500 malicious extensions after they were caught serving adware and sending users' browsing activity to C2 servers under the control of attackers.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/n_qcjIqhu2c/chrome-cryptocurrency-extensions.html
Related news
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- How to enable Safe Browsing in Google Chrome on Android (source)
- Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices (source)
- New tool bypasses Google Chrome’s new cookie encryption system (source)
- Google to let businesses create curated Chrome Web Stores for extensions (source)
- Google says “Enhanced protection” feature in Chrome now uses AI (source)