Google Pulls 49 Cryptocurrency Wallet Browser Extensions Found Stealing Private Keys

2020-4-16 19:45

Google has removed 49 cryptocurrency wallet browser extensions after a security researcher discovered they were stealing private keys. These Chrome extensions targeted users of crypto wallets, such as Ledger, Trezor, Jaxx, Electrum, Myetherwallet, Metamask, Exodus, and Keepkey.

Also read: Bitcoin Revolution: Wanna Earn $1,000 a Day? Government Warns About This Scam

49 Malicious Chrome Browser Extensions

Security researcher Harry Denley revealed on Tuesday that 49 Chrome browser extensions have been stealing users’ cryptocurrency wallet private keys. Denley is the director of security at Mycrypto, an open-source tool for generating ether wallets and handling ERC20 tokens.

Posing as legitimate cryptocurrency wallet extensions, the 49 fake Chrome browser extensions contained malicious code that stole private keys, mnemonic phrases, and keystore files, the director described. They gathered data entered during different wallet configuration steps and sent them to one of the attacker’s servers or a Google Form. Some of these fraudulent browser extensions even had a network of fake users rating them with five stars or positive feedback. According to Denley, the extensions appear to be the work of one person or a group of people who are likely to be based in Russia.

The 49 Chrome browser extension IDs caught stealing cryptocurrency wallet private keys, discovered by security researcher Harry Denley. The Targeted Cryptocurrency Wallets

Denley further revealed that the cryptocurrency wallets targeted by the 49 malicious Chrome browser extensions were Ledger, Trezor, Jaxx, Electrum, Myetherwallet, Metamask, Exodus, and Keepkey. He found that the most attacked wallet was Ledger, targeted by 57% of the malicious browser extensions. The second most targeted wallet was Myetherwallet (22%), followed by Trezor (8%), Electrum (4%), Keepkey (4%), and Jaxx (2%).

During his test, the security researcher sent funds to a few addresses and entered some secrets. He found that the funds sent were not automatically swept, concluding that the attackers were either only interested in high-value accounts or had to manually empty the addresses. Moreover, he noted that the malicious extensions started to hit the Google Chrome store in February slowly and rapidly increased releases through April. He added that they were reported to Google and removed within 24 hours.

What do you think about all these malicious browser extensions? Let us know in the comments section below.

The post Google Pulls 49 Cryptocurrency Wallet Browser Extensions Found Stealing Private Keys appeared first on Bitcoin News.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Global Cryptocurrency (GCC) на Currencies.ru

$ 0 (+0.00%)

Объем 24H $0

Изменеия 24h: 0.00 %, 7d: 0.00 %

Cегодня L: $0 - H: $0

Капитализация $0 Rank 99999

Цена в час новости $ 0.0016427 (-100%)

extensions google stealing private keys browser cryptocurrency

327 +

Источник: news.bitcoin.com

extensions google → Результатов: 21

Mystery Hacker Tries to Steal Crypto Through Fake Google Chrome Wallet Extensions

Google has removed 49 Chrome extensions masquerading as legitimate crypto wallets, including Ledger, MyEtherWallet, MetaMask and Jaxx, according to MyCrypto's Harry Denley.

2020-4-16 11:00
chrome extensions crypto google myetherwallet metamask ledger

361 +

More Than 1,400,000 XRP Stolen Through Fake Ledger Chrome Extensions

According to a series of Tweets by ‘Xrplorer Forensics’, hackers have been using fake Ledger Live chrome extensions to steal XRP coins from users. The hackers were even advertising their fake extensions on google searches and accounts are already being emptied, according to the Tweet, around 1.

2020-3-26 15:38	xrp news
extensions fake according hackers ledger chrome xrp

246 +

1.4M XRP Stolen via Fake ‘Ledger Live’ Chrome Extension; Still Available on Google

Approximately 1.4 million XRP has been stolen from the users in the month of March alone through the use of a fake Google Chrome extension. Through a thread of tweets released on March 24, a research group known as xrplorer forensics, revealed that hackers are stealing user backup passphrases through fraudulent Ledger Live extensions. Xplorer […]

2020-3-26 21:30	Ripple (XRP)
through google march extension live xrp stolen

345 +

Fake Ledger Live Chrome Extension Stole 1.4M XRP, Researchers Claim

Fake Ledger Live extensions for Google Chrome are being used to collect user backup passphrases, a forensics team claims

2020-3-25 15:56	Google
fake live chrome ledger collect used user

261 +

MetaMask for Ethereum Crosses 1,000,000 User Milestone

MetaMask has now been installed by over 1,000,000 users on Google Chrome according to the latest stats. It’s a major milestone for Ethereum and the MetaMask team. Users on MetaMask continue to grow as the Ethereum wallet plugin becomes one of the hottest cryptocurrency extensions.

2020-2-16 08:10	MetaMask
metamask ethereum users milestone grow continue team

235 +

Fake Ledger Chrome Extension Causes Major Problems

It appears that there are a fair few of malicious Chrome extensions out there. Albeit Google removed two of them, a new fake offering claiming to be a Ledger product has shown up. Ledger is one of the most popular hardware wallet manufacturers in the world.

2020-1-3 01:30	malware
ledger fake chrome shown product claiming world

244 +

MetaMask’s Crypto Wallet App Back On Google Play For Android’s After Being Banned

MetaMask’s Ban from Google Play Has Been Lifted MetaMask, one of the major Ethereum wallet services and browser extensions, has something else to celebrate besides entering the new year, as Google has lifted its browser add-on ban.

2020-1-2 19:10	MetaMask
metamask google wallet lifted browser play ban

214 +

Calendar spam is a thing now, here’s how to protect yourself

Welcome to TNW Basics, a collection of tips, guides, and advice on how to easily get the most out of your gadgets, apps, and other stuff. A few days ago, I was baffled to see an obviously scammy event pop up in my Google calendar: I’d won $2,338 in some ‘annual competition.

2019-8-28 10:11	Basics
calendar out back spam extensions browser suspecting

235 +

Google will remove shady data-stealing Chrome extensions starting October 15

Google is making good on its “root-and-branch review” of third-party developer access to user data. The company has now said its new policy for Minimum Permission and updated User Data policy will be enforced starting October 15, 2019 — in other words, Chrome will no longer support sketchy extensions that gather data on your browsing activity.

2019-7-24 08:46	security
extensions chrome google data policy user had

182 +

Google Chrome plans to cripple ad blockers, crypto-enabled Brave and Opera unyielding

Proposed changes to Google Chrome, the browser of choice for 63 percent of devices, would cripple ad blockers and other privacy-enhancing extensions. Meanwhile, Brave and Opera may deviate from Chrome to retain the functionality of these extensions.

2019-6-11 08:47	Technology
google chrome brave opera cripple blockers plans

176 +

Google is cracking down on Drive and Chrome extensions that abuse your data

Google is expanding its privacy audit to make third-party developer access to Chrome and Google Drive more secure. To that effect, developers must rework their Chrome extensions to request only minimum permissions without compromising their functionality “We’re requiring extensions to only request access to the appropriate data needed to implement their features,” Google outlined on its Safety and Security page.

2019-5-31 11:41	Tech
google extensions data chrome access implement requiring

298 +

You can now try out Microsoft’s Edge browser for macOS

Microsoft has officially announced a preview of its Microsoft Edge browser for the macOS. Microsoft originally unveiled plans for the browser at its annual BUILD developers conference held on May 6.

2019-5-21 11:03	Tech
microsoft browser chrome edge google macos added

202 +

Samourai Wallet Disables Privacy-Related Features To Avoid Removal From Google Play Store

Google continues to challenge crypto-related apps and Chrome extensions, one strange step at a time.

2019-1-9 23:27	wallets and exchanges
google chrome crypto-related apps extensions one time

242 +

Chrome Extensions Will Soon Protect Against Miners and Hackers

Google has announced a number of upcoming changes concerning the development of new extensions for Chrome. Users of the web browser will soon benefit from improved security and better protection against malware including hidden miners and tools used to steal cryptocurrency.

2018-10-3 02:55	security
miners chrome against extensions soon changes hackers

275 +

Trezor Announce New MetaMask Integration On Google Chrome Extension

MetaMask MetaMask brings cryptocurrency to your web browser. Via a Google Chrome or Brave extension, users of MetaMask are able to run Ethereum based decentralised apps, without the inconvenience of running a full Ethereum node.

2018-8-13 17:30	Wallets
metamask chrome google extension new users trezor

273 +

Why Google is Removing All Bitcoin Mining Apps on the Play Store

In its latest move against cryptocurrencies, Google announced its plans to remove all bitcoin and cryptocurrency mining apps from the Play Store. The decision comes just months after banning Chrome extensions that mine cryptocurrency.

2018-7-29 08:05	Crypto
apps store google play mining all bitcoin

284 +

Google bans cryptocurrency mining apps from the Play Store

Google has now banned all cryptocurrency miners from the Play store. Apps that manage mining hardware are apparently okay, though – for now. The new ruling is hidden amongst the July updates to Google’s Developer Policy Center, as spotted by Android Police.

2018-7-27 12:55	Insider
cryptocurrency google apps mining all store policy

239 +

MetaMask Briefly Dropped From Chrome, Phishing Malware Takes Its Place

MetaMask, a popular web plugin that functions as an Ethereum wallet and allows users to run dApps in their browser, was briefly removed from Google Chrome’s web store today. Users speculated that the removal was related to Google’s ban on extensions that can be used for mining.

2018-7-26 21:36	News
mining users google metamask web briefly chrome

228 +

MetaMask Briefly Dropped From Chrome, Phishing Malware Takes Its Place

2018-7-26 03:38	Cryptocurrency News
chrome metamask briefly users mining google takes

272 +

Mozilla wants to localize the most popular Firefox add-ons

Mozilla’s Firefox browser is available in 90 different languages, ranging from Afrikaans to Welsh. Sadly, not all of its extensions are as well translated. This is something the company is actively working on, and during a two week period, the company used the skills of 100 multilingual Firefox volunteers to translate nine of the most popular extensions into seven languages.

2018-7-17 14:43	Apps
firefox extensions mozilla download most company translate

173 +

How to check the security of your Google Chrome extensions

The other day, a friend called me and said that his Google Chrome browser is acting weirdly and may need reinstalling. According to him, every time he searched for something on Google some unknown website appeared with suspicious results.

2018-7-15 17:04	Tech
chrome friend google him every according extensions

237 +

2020-4-16 19:45

extensions google → Результатов: 21

2020-4-16 11:00

2020-3-26 15:38

2020-3-26 21:30

2020-3-25 15:56

2020-2-16 08:10

2020-1-3 01:30

2020-1-2 19:10

2019-8-28 10:11

2019-7-24 08:46

2019-6-11 08:47

2019-5-31 11:41

2019-5-21 11:03

2019-1-9 23:27

2018-10-3 02:55

2018-8-13 17:30

2018-7-29 08:05

2018-7-27 12:55

2018-7-26 21:36

2018-7-26 03:38

2018-7-17 14:43

2018-7-15 17:04

Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

Add news: propose for publication, Submit ICO