Sunday, 05 July 2020
Sovrano

Google removes 49 Chrome extensions caught stealing crypto-wallet keys

The Chrome extensions were mimicking cryptocurrency wallet apps like Ledger, MyEtherWallet, Trezor, Electrum, and others, but, in reality, they were stealing users' private keys and mnemonic phrases.

Google has removed 49 Chrome extensions from the Web Store that posed as legitimate cryptocurrency wallet apps but contained malicious code that stole crypto-wallet private keys, mnemonic phrases, and other raw secrets.

The 49 extensions were discovered by Harry Denley, Director of Security at the MyCrypto platform, who shared his findings exclusively with ZDNet last week.

Denley says the 49 extensions appear to have been put together by the same person/group, believed to be a Russian-based threat actor.

"Whilst the extensions all function the same, the branding is different depending on the user they are targeting," Denley said.

The MyCrypto security researcher says he has identified malicious extensions posing as known crypto-wallets apps such as Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey.

The malicious extensions all worked nearly identically to the real ones; however, any data a victim enters during the configuration steps is sent to one of the attacker's servers or a Google Form.


source: zdnet.com

Legal Disclaimer

Creamcoin Marketcap