Google has identified malicious cryptocurrency-related extensions in its Chrome browser and removed them with immediate effect. In total, the technology giant eliminated 49 Chrome extensions that were disguised as crypto wallets and aimed at naive users.
The extensions in question mimicked well-known crypto wallets, including Ledger, Trezor and Electrum. Users, whether inattentive or knowledgeable, could simply have downloaded these extensions convinced that they were dealing with authentic cryptocurrency apps.
Once users had shared their private keys and other personal details, the malicious extensions would divert their cryptocurrency funds elsewhere.
The crypto extensions in Chrome imitated the real crypto wallets
The main goal of these extensions was to collect as many private keys as possible in order to obtain the owners' cryptocurrency deposits. According to a ZDNet report, most of these applications apparently presented themselves as one of the best-known genuine crypto programs.
They hid under the guise of well-known giants of the cryptocurrency industry. The reliable image of these well-known cryptocurrency brands is being exploited to attract unwary users on Chrome. Most users believe they are installing an original extension created by a brand they trust.
Once installed, the extension would go on to infect the user's computer with malicious code in order to take control of the crypto wallets connected to the device.
Malicious extensions have possible links with Russian hackers
Harry Denley of the MyCrypto platform was the first person to discover these infamous programs. As complaints grew about Chrome extensions passed off as well-known crypto wallets, a non-negligible problem emerged, which experts in the sector noticed and acted on immediately.
Denley claims that the malicious apps are likely developed and maintained by a group of Russian-born hackers. Denley also adds that almost all of the extensions have a similar modus operandi.
They work using similar strategies and differ only in the way their potential targets are classified. Denley said the hackers specifically targeted high-value accounts, and linked the malicious Chrome extensions to previously reported incidents.
The malicious extensions present themselves by exploiting the image of a cryptocurrency service provider chosen from among the high-end ones, which makes it easy to gain users' trust.
But the most interesting aspect is that these dangerous crypto extensions in Chrome imitate their authentic counterparts in how they carry out the various wallet functions, making them almost identical to the originals.
This makes it much more difficult to identify the fakes and separate them from the real ones. Despite this, the technicians managed to detect the problem by uncovering the mechanism by which the private keys reached an unverified external server.