Published on April 25th, 2014 📆 | 1688 Views ⚑
Chrome Extension Could Be Vulnerable to Cryptocurrency Malware
The malicious Chrome browser extension dubbed as ‘Cryptsy Dogecoin (DOGE) Live Ticker’ which is available on Chrome Web store for free downloads and developed by "TheTrollBox" account. Reddit user noticed that the updated version of the extension has a malicious code, which is designed to hijack the crypto currency transactions.
It is very obvious that the kind of crypto related software extensions is downloaded only by the users who deal with the digital currency. So, once the user installed the malicious extension, the software within the extension starts monitoring users’ web activity and looks for those users who go to Cryptocurrency exchange sites such as Coinbase and MintPal.
After realizing that the user is performing a transaction in digital coins, the malicious extension replaces the receiving address, where the user is trying to transfer his Cryptocurrency, with the a different BTC address of its own (attacker's bitcoin address)
The same happened to a Reddit user, who had been reported this activity from the Cryptocurrency exchange MintPal in a withdrawal confirmation. After then he posted a Warning about the rogue extension on Reddit, advising all to “Be careful of what you install on your devices you use to access your wallets.”
TheTrollBox, the developer of malicious 'Cryptsy Dogecoin (DOGE) Live Ticker' Chrome extension has also developed 21 more similar extensions, which are currently available on Google Chrome Store. These Chrome extensions also could be susceptible to have malicious code, and Google has not taken any action against the reported chrome extensions.
If you have installed any of the followings extensions, then you should remove them as soon as possible:
As the business has moved to greater use of mobile and non-Windows computers, so cyber criminals have adapted techniques monetize their efforts. Due to an increase in the value of digital coins, cyber criminals has added it in their watchlist and making every effort to steal your virtual money.
We have seen Android malware distributed by cyber criminals on Google play store that have hidden Coinkrypt malware, which had capability to turn your mobile device into crypto-currency miners, also cybercriminals spreading malware through Home appliances in order to mine virtual currencies, and now they are started editing software extensions with malicious codes to grab users digital coins.