Google takes down 49 malicious crypto-stealing Chrome extensions


Google has taken down crypto-stealing Chrome extensions disguised as digital wallet applications.

Discovered in Google Chrome’s web store are 49 crypto-stealing extensions that have been reportedly stealing cryptocurrencies from unsuspecting users.

According to Harry Denley, director of security at MyCrypto, “whilst the extensions all function the same, the branding is different depending on the user they are targeting.”

The extensions were immediately removed after Google’s confirmation of the report.

The crypto-stealing extensions look like legitimate cryptocurrency wallets, however, what they actually do is trick people into inputting their private keys so the thieves can use them to steal cryptocurrencies. Every piece of sensitive data the user submits through the extension is funneled to the thieves’ servers.

Denley adds that the malicious extensions mimic the interface of many trusted and popular crypto wallet apps such as Ledger, Trexor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey.

Some of the extensions have even been found to have a network of fake users that give perfect and positive ratings and feedback. The common feedback given by these individuals are “good,” “helpful app,” and “legit extension.”

Rising number of detected crypto scams

Denley noted that this discovery is a part of the rising number of detections. In a recent blog post, he said:

“An analysis from our dataset suggests the malicious extensions started to hit the store slowly in February 2020, increased releases through March 2020, and then rapidly released more extensions in April 2020.

“This means that either our detection is getting much better, or that the number of malicious extensions hitting browser stores to target cryptocurrency users is growing exponentially. An analysis from our dataset suggests Ledger is the most targeted brand — without speculating, it’s hard to say why.”

Denley advised that if users discover other crypto scams online, they can file a report with CryptoScamDB. The site also includes a growing list of previously report crypto scams.

Google takes down hundreds of other malicious extensions

This is not the first time Google has taken down malicious browser extensions. In February 2020 alone, Google removed “over 500 malicious Chrome extensions from its official Web Store.”

Security analysts believe that most of the extensions they have found are a part of a bigger malware operation that may have been active as early as 2010.

After the reports were confirmed by Google, they also removed the extensions and deactivated them from users’ browsers.

Greater due diligence over app downloads and permissions are advised during these times, especially now that more and more hackers have begun exploiting even COVID-19 related applications to steal personal information from internet users.

Images courtesy of Pixabay.

Errol Villorente

Covering topics on technology, finance, and cryptocurrency. Believes in the promise that lies in the blockchain and cryptocurrency to change the international financial landscape.

Published by
Errol Villorente

Recent Posts

Kim Kardashian didn’t divorce Kanye West sooner for his money: Rumor

Kim Kardashian has, allegedly, always wanted out of her marriage to Kanye West. But she…

15 hours ago

‘One Piece’ Chapter 1010: Luffy declares victory against Kaido

One Piece Chapter 1010 full summary is now out, and it looks like Luffy and…

15 hours ago

Nokia X series introduces six new mobile phones

Nokia has officially unveiled the newest in their X Series. The C10 and C20 are…

15 hours ago