Follow Us

Monday, April 20, 2020

April 20, 2020
Google Chrome fans have been put on alert about some dangerous Chrome Web Store extensions (Image: GOOGLE • GETTY)

GOOGLE CHROME users have been put on red alert about dozens of dangerous extensions available for the market-leading web browser. If you haven't already installed the extensions - you're protected. If they're already plugged into your Chrome browser, you need to act immediately.

Google Chrome users have been placed on alert about a number of dangerous extensions available for the web browser. As revealed in a new post by HackRead, researchers from security firms PhishFort and MyCrypto have highlighted 49 Chrome extensions found to be engaging in malicious activity that could be putting you at risk.

These extensions pretend to be cryptocurrency wallet tools, but in fact contain malware that steals confidential information. If you've been relying on these small add-ons for Chrome for important financial transactions – that could leave your sensitive data at serious risk.
Details that can be stolen by the Chrome extensions include keys to private wallets and set phrases used to retrieve a lost wallet. And scammers have been using Google Adwords to help spread these fake Chrome extensions.
Researchers revealed in a blog post that these fake extensions hit the Chrome Web Store in February, with an increase in March and then a rapid spike in April.
The study found that Ledger was the brand most targeted by these malicious extensions, with MyEtherWallet next and then Trezor. Researchers reported the affected extensions to Google and within 24 hours they were taken down.
However, if you still have the extensions installed on your machine – you'll need to disable them yourself to ensure your data remains safe.
Discussing their findings, MyCrypto's Harry Denley said: "We have found a range of extensions targeting brands and cryptocurrency users. Whilst the extensions all function the same, the branding is different depending on the user they are targeting."
Denley added: "Essentially, the extensions are phishing for secrets — mnemonic phrases, private keys, and keystore files. Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts."
The MyCrypto blog piece also went provided advice for how cryptocurrency investors can stay safe when downloading extensions from the Google Chrome Web Store.
Denley advised...