A security researcher has discovered 22 other web browser extensions, Google Chrome, built to steal the crypto currencies of its users.
The cyber security news channel, Naked Security, reported on May 8 that Harry Denley, a security researcher specializing in crypto-currencies, discovered 22 more malicious Google Chrome extensions. The extensions he discovered were masquerading as cryptographic signatures known as Ledger, KeepKey, MetaMask and Jaxx. Their purpose is to trick users into giving up the credentials needed to access their wallets.
Anonymous crypto payments make child pornography case in South Korea difficult
Most phishing extensions have already been removed at the time of publication. According to the report, most were removed within 24 hours of Denley reporting them. Cointelegraph contacted Harry Denley, but the investigator has not responded at the time of publication.
Google Chrome extensions are often used for phishing
The Google Chrome extension shop seems to be an important area of attention for cybercriminals looking to steal crypto currencies. At the end of April, Google administrators changed the rules governing the publication of Chrome extensions in an attempt to make it harder for fraudsters to spread malicious code.
New ransomware threatens to expose Victoria’s Secrets
As Cointelegraph reported in mid-April, Bitcoin Code, Bitcoin Profit, Bitcoin Storm, Bitcoin Billionaire, Bitcoin Method removed 49 phishing extensions from the Chrome web browser after reports of malicious activity. In early March, the leading producer of hardware crypto wallets, Ledger, warned its users about phishing extensions in the store.
Reports at the end of April suggest that Google has yet to address the broader issue of phishing campaigns using its platforms. One report suggests that the company’s advertising platform, Google Ads, was used to lure victims to the phishing clone of a crypto-currency exchange. Meanwhile, the blockbuster firm Ripple Labs filed a lawsuit against Youtube, seeking damages after crypto coin scammers posed as them on the platform.