A user raised an alert on Reddit, on the presence of a malicious Chrome browser extension, on the official store, that is able to steal digital coins.
Security experts have recently observed a significant increase for the number of malicious browser extensions, malware authors are exploiting the usage of browser addons to conduct illicit activities. Today we discuss about a new browser extension of Google Chrome, dubbed Cryptsy Dogecoin (DOGE) Live Ticker, that according security community is targeting crypto currencies schema. The browser extension was designed by cyber criminals to steal Bitcoins and other crypto coins.
Malware authors with increasing frequency are targeting crypto currency users, the trend is motivated by the desirable value of the digital coins and by the simplicity to arrange malicious campaigns targeting them.
The alert was raised by user on Reddit which observed that the browser extension on the store extension include a malicious code designed to target and hijack the crypto currency transactions.
“If you use any extensions in your browser, you’re vulnerable to updates which happen automatically without your knowing. This means you can be using it for weeks/months until the bad author updates the addon/extension with malicious code. It appears the author made an update today to steal Ð among other digital currencies 🙁 The extension is Cryptsy Dogecoin (DOGE) Live Ticker There is likely similar tickers for other currencies. “
“Use Chrome without extensions whenever dealing with bitcoins online. Either start Chrome with chrome –disable-extensions, or use private mode (check carefully that all extensions are disabled in private mode).When viewing a recipient’s bitcoin address on screen, check the source code of the page to see if it shows exactly the same address. In Chrome, press CTRL+U and look for the address. A code inspector (e.g. the one that opens by pressing F12) won’t work since it shows you the code including changes made by Javascript after having loaded the page.”
Share On
