Security News > 2020 > May > More crypto-stealing Chrome extensions swatted by Google
Google deleted 49 malicious Chrome extensions from the Chrome Web Store in mid-April after Harry Denley, director of security at MyCrypto, found them phishing cryptocurrency users.
The extensions impersonate Chrome extensions for legitimate cryptocurrency wallets, but when installed they pilfer the users' private keys and other secrets used to access digital wallets so that their authors can steal victims' funds.
Google has acknowledged a general problem with malicious extensions and has announced new rules for the Chrome Web Store.
The problem, according to Dan Finlay, the lead developer at crypto wallet company MetaMask, is that Google allows phishing ads that point to fake extensions.
The official MetaMask extension has over 1,000,000 users - you'd assume Google would have some sort of plan to tackle any potential fake extensions with the Metamask branding.
News URL
Related news
- Google Drops Cookie Prompt in Chrome, Adds IP Protection to Incognito (source)
- Google Rolls Out On-Device AI Protections to Detect Scams in Chrome and Android (source)
- Google Chrome to use on-device AI to detect tech support scams (source)
- Google Chrome to block admin-level browser launches for better security (source)
- Google fixes high severity Chrome flaw with public exploit (source)
- Google Chrome Can Now Auto-Change Compromised Passwords Using Its Built-In Manager (source)