According to reports, two malicious Google Chrome extensions stole $800,000 from “Sell When Over,” a cryptocurrencycurrency investor on the X platform.
The user believes that the extensions “Simple Game” and “Sync test BETA (colorful)” had Keyloggers intended to target wallet extension apps. Keyloggers are devices that capture keystrokes, giving hackers access to private data.
Following a recent Chrome upgrade that forced the user to log out of all of their tabs and extensions, the problem started. The user may have compromised their data by reentering their credentials, including seed phrases for bitcoin wallets, after restarting their computer as a result of a Windows upgrade.
Money was transferred to exchanges MEXC and Gate.io using the malicious extensions. After some research, it was discovered that “Sync test BETA (colorful)” was a keylogger that was monitoring tab activity and transferring data to an external PHP script.
The user found the extensions later, even though there were no obvious browser problems. This episode emphasizes how dangerous malicious Chrome extensions continue to be in the bitcoin space.
In related news, cybersecurity professionals alert us to similar assaults that leverage malware such as Rilide to steal cryptocurrencycurrency using malicious Chrome extensions, emphasizing the necessity for stronger security protocols.