Google Fights Crypto Crime
Google has recently announced the removal of just under 50 separate Chrome extensions from its web store. These extensions posed as legitimate cryptocurrency wallet applications, but in fact contained malicious code that caused all funds and login data stored within them to be forwarded to wallets controlled by bad actors.
Harry Denley, the director of security at the MyCrypto platform, is the person responsible for uncovering the extensions. As many as 49 individual applications were removed, all of which are believed to come from the same Russian hacker group.
In a statement, Denley explains:
"While the extensions all function the same, the branding is different depending on the user they are targeting."
Crypto theft is nothing new, with the two biggest forms being cryptojacking and direct attacks on digital exchanges. The first occurs when a hacker takes over a person's digital device or computer without their knowledge or consent. From there, they begin mining cryptocurrency, primarily Monero, which is very popular among hackers due to its quasi-anonymous properties.
The process yields rewards only for the malicious party, while the owner of the device gets nothing except the heavy energy bill they likely receive at the end of each month. While their crypto is not being directly stolen, the hacker is taking money by using the device owner's electricity without permission, which in the end constitutes theft.
Attacks on crypto exchanges are often much more dangerous and direct. Some of the biggest crypto thefts in history have occurred through exchange attacks. Two that probably come to mind for most digital currency enthusiasts are Mt. Gox and Coincheck, which occurred four years apart (2014 and 2018), both in Japan.
The first, Mt. Gox, saw more than $400 million in BTC funds disappear practically overnight, while Coincheck's losses were even greater and totaled more than half a billion dollars.
This Could Happen Again Soon
The extensions discovered by Denley posed as wallet applications for an array of different companies including Ledger, Jaxx, Electrum, MetaMask and Exodus. He also revealed that the hackers are probably not as skilled as one might believe. Thefts often did not occur right away, which means that the hackers probably hadn't discovered how to automate the theft and had to access each wallet separately.
While the extensions have been taken down, Denley claims the group responsible for them is still out there, and he thinks other attempts will pop up in the coming months. He advises all traders to keep an eye out and to report any suspicious activity to CryptoScamDB.