Malicious crypto extensions in Chrome browser have been identified by the tech giant and removed with immediate effect. Google has purged 49 extensions in its Chrome browser masquerading as crypto wallets and targeting gullible users.
These harmful crypto extensions in Chrome browser were imitating renowned crypto wallets, including Ledger, Trezor, and Electrum. Ignorant users would simply download these extensions thinking they are downloading genuine crypto wallet apps. Once they share their private keys and other personal details, these nefarious extensions would hijack their crypto funds.
Crypto extensions in Chrome were mimicing real crypto wallets
The ‘Web Store’ has been purged of these malacious crypto extensions in Chrome browser. The primary target of these extensions was to collect a maximum number of private keys to get hold of the cryptocurrency deposits of the owner.
As per a ZDNet report, most of these applications were notoriously posing as genuine crypto programs. They were cloaked under the garb of well-known crypto industry giants. The trustworthy image of these well-known crypto wallet brands is exploited to attract gullible Chrome users.
Most users think they are installing a genuine extension built by their trusted brand. Once installed, they would proceed to infect the user’s computer with malicious code to take control of their crypto wallets.
Harry Denley of MyCrypto platform was the first person to discover these notorious programs. As complaints grew regarding Chrome extensions targeting users under the garb of crypto wallets, industry experts took notice. Denley says that malicious apps are most likely built and hosted by a group of hackers with Russian origins.
Henley further adds that almost all the extensions have a similar modus operandi. They work in a similar fashion and differ only in the way their potential targets are classified. Extensions wear the cloak of high-end crypto wallet services provider, which makes it easy to gain the user’s trust.
What’s more freighting is that these malicious crypto extensions in Chrome mimic their authentic counterparts in performing the various crypto wallet functions. This makes it harder to identify and segregate the fakes from the real ones. However, they were caught as the private keys were reaching some unverified external server.