A security researcher discovered a new set of Google Chrome browser extensions that tried to steal users' cryptocurrencies. Although Google is quick in removing malicious Chrome extensions, they keep popping up, creating phishing victims, and causing Google to restrict their policies.
These Chrome extensions disguise themselves as legitimate cryptocurrency wallets but are actually used for phishing. Once installed, they steal the users' private keys and other valuable information.
One common tactic of cybercriminals is creating multiple extensions that do the same destructive thing, with different names. This way, even if one is taken down, they can continue to operate. This also makes monitoring harmful extensions much more challenging
Check your device for harmful extensions
Once this batch of malicious extensions was discovered, Google responded quickly and took action within 24 hours:
"We want to ensure that the path of a user discovering an extension from the Chrome Web Store is clear and informative and not muddled with copycats, misleading functionalities or fake reviews and ratings."
Google announced a new set of rules to help prevent cybercriminals from publishing malicious extensions. The new regulations include prohibiting developers from publishing multiple extensions that do the same thing and forbids publishing misleading information, including anonymous user reviews.
These rules might help lower the appearances of new malicious extensions, but it won't demolish them. Hackers and cybercriminals are very clever and keep finding new ways to create phishing victims.
How to protect yourself from harmful extensions:
- At Guardio, we developed a new feature to prevent any malware contact, and you can get pre-install alerts and not waste any time contemplating about the safety of an extension.
- Scan your device for harmful extensions and get them immediately removed. Get a free scan