Fun

Google Pulls 49 Cryptocurrency Wallet Browser Extensions Found Stealing Private Keys

News Feed - 2020-04-16 01:04:12

Google Pulls 49 Cryptocurrency Wallet Browser Extensions Found Stealing Private Keys


Google has removed 49 cryptocurrency wallet browser extensions after a security researcher discovered they were stealing private keys. These Chrome extensions targeted users of crypto wallets, such as Ledger, Trezor, Jaxx, Electrum, Myetherwallet, Metamask, Exodus, and Keepkey.


Also read: Bitcoin Revolution: Wanna Earn $1,000 a Day? Government Warns About This Scam49 Malicious Chrome Browser Extensions


Security researcher Harry Denley revealed on Tuesday that 49 Chrome browser extensions have been stealing users’ cryptocurrency wallet private keys. Denley is the director of security at Mycrypto, an open-source tool for generating ether wallets and handling ERC20 tokens.


Posing as legitimate cryptocurrency wallet extensions, the 49 fake Chrome browser extensions contained malicious code that stole private keys, mnemonic phrases, and keystore files, the director described. They gathered data entered during different wallet configuration steps and sent them to one of the attacker’s servers or a Google Form. Some of these fraudulent browser extensions even had a network of fake users rating them with five stars or positive feedback. According to Denley, the extensions appear to be the work of one person or a group of people who are likely to be based in Russia.The 49 Chrome browser extension IDs caught stealing cryptocurrency wallet private keys, discovered by security researcher Harry Denley.The Targeted Cryptocurrency Wallets


Denley further revealed that the cryptocurrency wallets targeted by the 49 malicious Chrome browser extensions were Ledger, Trezor, Jaxx, Electrum, Myetherwallet, Metamask, Exodus, and Keepkey. He found that the most attacked wallet was Ledger, targeted by 57% of the malicious browser extensions. The second most targeted wallet was Myetherwallet (22%), followed by Trezor (8%), Electrum (4%), Keepkey (4%), and Jaxx (2%).


During his test, the security researcher sent funds to a few addresses and entered some secrets. He found that the funds sent were not automatically swept, concluding that the attackers were either only interested in high-value accounts or had to manually empty the addresses. Moreover, he noted that the malicious extensions started to hit the Google Chrome store in February slowly and rapidly increased releases through April. He added that they were reported to Google and removed within 24 hours.


What do you think about all these malicious browser extensions? Let us know in the comments section below.How to Hide Your Bitcoin - Opsec, Anonymity, Cold Storage, Brainwallet, Dexes and Non-CustodialsSECURITY | Feb 25, 2020


In an era of increasing economic uncertainty, surveillance, specialized cybercrime and hacking, knowing how to hide bitcoin safely has become… read more.Bitgo to Offer Regulated Crypto Custody in Switzerland and GermanySECURITY | Feb 11, 2020


European crypto exchanges, as well as other companies with significant crypto holdings they need to protect, now have another option… read more.Tags in this storyBitcoin, browser extensions, browser steal cryptocurrency, browser steals private keys, BTC, Chrome, chrome extension, crypto, Cryptocurrency, Google, Google Chrome, google crypto, google crypto wallets, google cryptocurrency, google private keys, google wallet, google wallet extensions, steal private keys, wallet extensions


Image Credits: Shutterstock, Pixabay, Wiki Commons, Harry DenleyPurchase Bitcoin without visiting a cryptocurrency exchange. Buy BTC and BCH here.Disclaimer: This article is for informational purposes only. It is not an offer or solicitation of an offer to buy or sell, or a recommendation, endorsement, or sponsorship of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.Read disclaimer Show comments

News Feed
Amaka Nwaokocha21 minutes agoOpenAI says ChatGPT-4 cuts content moderation time from months to hoursInsights gained from these endeavors will contribute to refining current content policies or crafting new ones in unchar
2023-08-16 17:38 PM
DeepMind CEO says Google to spend more than $100B on AGI despite hype
Tristan Greene6 hours agoDeepMind CEO says Google to spend more than $100B on AGI despite hypeDemis Hassabis previously compared crypto and AI, saying both had a problem with hype and scams.672 Total views8 Total sharesL
2024-04-17 02:01 AM
Australians Can Now Pay for Bitcoin at 3,500 Australia Post Offices
Australians Can Now Pay for Bitcoin at 3,500 Australia Post OfficesAustralian residents can now pay for bitcoin at more than 3,500 national post offices. The new service launched by
2020-06-25 22:40 PM
Wall Street Journal Reporter Chastised Over Satoshi Nakamoto ‘Unmasking’ Editorial
Wall Street Journal Reporter Chastised Over Satoshi Nakamoto ‘Unmasking’ Editorial During the last week, mainstream media outlets have been publishing reports that say “
2021-11-16 04:30 AM
Gucci to Accept Crypto Payments in Retail Stores
Gucci to Accept Crypto Payments in Retail Stores High-end fashion house Gucci will begin accepting cryptocurrencies at some of its stores this month, including bitcoin, ether, doge
2022-05-06 07:30 AM
‘SEC Will Stop at Nothing to Control Entire Crypto Space,’ Says Former Federal Prosecutor
"SEC Will Stop at Nothing to Control Entire Crypto Space," Says Former Federal Prosecutor A former federal prosecutor says that the U.S. Securities and Exchange Commission (SEC) &#
2021-09-09 10:30 AM
WEF’s Great Reset Agenda Continues to Get Significant Pushback From Critics
WEF"s Great Reset Agenda Continues to Get Significant Pushback From Critics Amid the Covid-19 pandemic in 2020, the world’s bureaucrats, financial institutions, multinationa
2022-08-12 05:30 AM
Filipino artists hacked to promote XRP scam
Ezra Reguerra10 hours agoFilipino artists hacked to promote XRP scamBen&Ben, a nine-piece pop band with over 3 million YouTube followers, started livestreaming a fraudulent XRP advertisement.2256 Total views13 Total
2024-07-15 22:43 PM
Ripple CTO Says One Important Lesson From FTX Meltdown ‘Will Not Be Learned’
Ripple CTO Says One Important Lesson From FTX Meltdown "Will Not Be Learned" A Ripple executive says there is one important lesson from the meltdown of crypto exchange FTX that he
2022-11-24 12:00 PM
Crypto.com Launches US Exchange — Institutional Investors Granted Access First
Crypto.com Launches US Exchange — Institutional Investors Granted Access First The digital currency exchange Crypto.com has revealed it’s launching a crypto trading platfo
2022-03-16 03:00 AM
Former Fed Chair Bernanke: Bitcoin Is Mainly Used in Underground Economy for Illicit Activities
Former Fed Chair Bernanke: Bitcoin Is Mainly Used in Underground Economy for Illicit Activities Former Federal Reserve chairman Ben Bernanke says the main use of bitcoin is “
2022-05-17 09:00 AM
Turner Wright3 hours agoFederal judge suggests Q2 2024 trial for SEC case against Ripple execsAiming for a jury trial to start between April 1 and June 30, 2024, Judge Analisa Torres laid out deadlines for the SEC and Ri
2023-08-10 05:36 AM