Google Deletes Crypto Malware Targeting Blockchain.com, MyEtherWallet Users

The malicious Google Chrome web extension was tied to a fake token airdrop from cryptocurrency exchange Huobi.

A Google Chrome browser extension tricking users into participating in a fake airdrop from cryptocurrency exchange Huobi claimed over 200 victims, a security researcher reported in a blog post on March 14.

The extension for Chrome web browser, with the name NoCoin, gained 230 downloads before Google deleted it, according to Harry Denley, who runs cryptocurrency scam database EtherscamDB.

Denley noted that hackers had purposely disguised the malicious extension to look like a tool protecting users from cryptocurrency malware or so-called cryptojacking.

“From the start, it looked like it did what it should — it was detected [sic] various CryptoJacking scripts […] and there was a nice UI to let me know it was doing its job,” he explained in the blog post.

Behind the facade, however, it became apparent the extension requests the input of private keys from popular wallet interfaces MyEtherWallet (MEW) and Blockchain.com. Private keys are then sent to hackers, who can empty wallets of holdings.

The extension lay at the end of a fake giveaway campaign, ostensibly from crypto exchange Huobi, which offered worthless ERC20 Ethereum network-based tokens to unwitting consumers.

It is unknown how long the extension remained available for Google Chrome users.

As Cointelegraph continues to report, bad actors targeting cryptocurrency users have sought increasingly nefarious methods of tricking novices into handing over access to funds. Just this week, a report identified cryptojacking as a sign of increasingly discreet behavior among hackers.

Google itself has come under fire for its own apparent lack of diligence in the past, in February pulling a fake version of popular decentralized app MetaMask from its Play store.

As Cointelegraph reported last month, users of cryptocurrency wallets Electrum and MEW were also facing phishing attacks, according to posts published on Reddit and Twitter.

COMMENTS

By Readers$type=blogging$cate=2$count=6

Name

Analysis,498,News,2612,Press Releases,338,Sponsored,137,
ltr
item
CryptoNomus: Google Deletes Crypto Malware Targeting Blockchain.com, MyEtherWallet Users
Google Deletes Crypto Malware Targeting Blockchain.com, MyEtherWallet Users
https://images.cointelegraph.com/images/528_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZHMvdmlldy80ZGZiZGQwZGRlYzAzOGYzYzA1ZjdhNDkxNGUxYTU1ZC5qcGc=.jpg
CryptoNomus
https://www.cryptonom.us/2019/03/google-deletes-crypto-malware-targeting.html
https://www.cryptonom.us/
https://www.cryptonom.us/
https://www.cryptonom.us/2019/03/google-deletes-crypto-malware-targeting.html
true
4884201149675661183
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy