Google removed Chrome extensions for crypto data theft
The company discarded 49 connections from its Chrome browser after determining that they were involved in phishing activities.
Google announced that it recently removed 49 extensions from the Chrome web browser after determining that these were linked to cryptocurrency phishing.
MyCrypto Security Director Harry Denley noted via a Medium post that Chrome accomplished this hard task thanks to the support of cybersecurity firm PhishFort.
The removed extensions include those targeting owners of hardware wallets produced by Ledger, Trezor, and KeepKey, and users of Jaxx, MyEtherWallet, Metamask, Exodus, and Electrum software wallets.
These tools urged users to enter the necessary credentials to gain access to wallets, mnemonic phrases, private keys, among other facts.
Some of the extensions also had fake five-star ratings on the Chrome extension store, but the reviews contained a few or no information ranging from “good”, “useful app” to “legitimate extension”.
The investigation uncovered 14 control servers behind all extensions, but the fingerprint analysis revealed that some of the servers were managed by the same bad actors, with the oldest domain linked to many other control servers. Denley subsequently concluded that the same bad actors were behind most of the extensions.
K. Tovar
Source: Cointelegraph
