22 new extensions posing as official developer products were found in the Google Chrome browsercryptocurrency wallets. This is written by Naked Security.
Fake extensions, including those that emulate Ledger, KeepKey, MetaMask, and Jaxx wallets, were discovered by security specialist Harry Denley.
According to Denley, Google support worked exceptionally quickly. He finds new malicious extensions almost daily, but as a rule, all of them were deleted within 24 hours after treatment.
In April, the researcher already reported 49extensions stealing the keys to bitcoin wallets. All of them “almost identically” copied the functionality of the official software for wallets, but they contained malicious code to steal private keys, mnemonic phrases, and other user data.
Google then updated the rules for addingextensions, forbidding developers in particular to publish extensions that perform the same functions or exist only in order to run other applications.
However, as the lead developer recently wroteMetaMask Dan Finley, the problem is that Google is not making enough effort to limit phishing ads leading to such fake extensions.
</p>According to him, the number of fake extensions of MetaMasks is growing, and all of them, apparently, successfully go through the manual process of checking for security.
Recall in March, Twitter users discoveredfake extension for Google Chrome, stealing passwords for password recovery. With its help, attackers managed to steal more than 1.4 million XRP coins.
Read this:
49 fake Chrome browser extensions to steal crypto assets
Google removed 49 cryptocurrency theft extensions for Chrome browser
Search for gray miners in the bowels of Chrome and Opera
Expert warned about Shitcoin Wallet Ethereum wallet that steals personal data
SEBA cryptocurrency bank is going to attract more than $ 95 million from new investors
Over 7,000 cryptocurrency ATMs have already been installed worldwide.