Users of Ledger, Trezor, MEW, and Others at Risk as Fake Chrome Extensions Flood Webstore

Cryptocurrency users are once again at risk of losing their funds to hackers as cases of malicious browser extensions impersonating crypto wallets continue to rise.

A new report today revealed that Google had removed a total of 49 Chrome extensions from its Web Store that were designed to phish the passphrases of crypto wallet users in order to steal their digital currencies.

The removal followed an investigation into the matter by MyCrypto and PhishFort. According to the report, these malicious browser extensions impersonated leading crypto wallet brands including Ledger, Trezor, Jaxx, Electrum, MyEtherWallet, MetaMask, Exodus, and KeepKey.

The director of security at MyCrypto, Henry Denley, said that the extensions had been stealing mnemonic phrases, wallets’ private keys, and keystore files. “Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts,” he added.

To lure unsuspecting users into downloading the extensions, the creators employed several fake users to leave 5-star reviews and positive feedback on the extensions.

However, Denley noted that only a few users wrote genuine reviews of the extensions.

There was also a network of vigilant users who wrote legitimate reviews about the extensions being malicious — however, it is hard to say if they were victims of the phishing scams themselves, or just helping the community to not download.

Interestingly, funds in most wallets were not stolen right away. The researchers deduced that the attackers were either targeting high-value wallets or could still be in the process of stealing the funds.

The report also alleged that the extensions could possibly have been created by a group of Russian hackers. This, however, has not been confirmed.

Notably, malicious Chrome extensions targeting crypto wallet users have been on the increase recently, and this prompted Google to remove them from its web store after MyCrypto and PhishFort reported them.

Sadly, though, many people had fallen victim to these fake extensions before they were discovered. Last month, Coinfomania reported that crypto users lost more than 1.4 million XRP after installing fake Ledger Chrome extensions in February.

About the author

Obike Favour
