Google distributed malicious Chrome app designed to steal your cryptocurrency - The Next Web
Google distributed malicious Chrome app designed to steal your cryptocurrency The Next WebBe wary if you come across ads for an airdrop, distributing tokens for cryptocurrency exchange Huobi: someone might be trying to steal your coins.
Be wary if you come across ads that promote an airdrop, distributing tokens for popular cryptocurrency exchange desk : the offer might be fake, and you might be getting swooped into an elaborate ploy designed to steal your coins.
Security researcher Harry Denley, who maintains popular anti-phishing database , has unearthed a phishing campaign that tricks victims into downloading a malicious Chrome extension, programmed to get a hold of your wallet‘s private keys.
What makes the attack vector particularly sneaky is that the Chrome extension – called NoCoin – was disguised as an app to block surreptitious cryptocurrency mining (also known as ). Indeed, the malicious extension looks pretty much identical to popular crypto-jacking blocker, .
To get users to download the infected extension, the hackers built a fake token named after Huobi. The token was distributed via a website, which despite claiming to be an airdrop platform, invited visitors to download the malicious app.
Once installed, the fake mining blocker targeted users of wallet solutions MyEtherWallet and Blockchain.com.
The malicious extension had been downloaded by at least 230 users, according to screenshots provided by Denley. Fortunately, Google has since it from the Chrome Web Store.
For the record, this isn’t the first time hackers have managed to sneak malware past Google’s defensive mechanisms. Last year, an investigation by Hard Fork found Google of cryptocurrency malware on its Android software distribution platform Google Play.
For those interested in a closer look at the elaborate phishing scam, Denley has detailed it in a Medium.
Did you know? Hard Fork has its own stage at , our tech conference in Amsterdam. .
Published March 15, 2019 — 11:45 UTC