The Google Chrome browser found 22 new extensions posing as official products of cryptocurrency wallet developers. This is written by Naked Security.
Fake extensions, including simulating Ledger, KeepKey, MetaMask and Jaxx wallets, were discovered by security specialist Harry Denly.
According to Denly, Google's support worked exceptionally quickly. He finds new malicious extensions almost every day, but usually within 24 hours after the request, all of them were deleted.
In April, the researcher already reported 49 extensions stealing keys from bitcoin wallets. All of them "almost identically" copied the functionality of official wallet SOFTWARE, but contained malicious code to steal private keys, mnemonic phrases, and other user data.
Google has since updated its rules for adding extensions, specifically prohibiting developers from publishing extensions that perform the same functions or exist only to launch other apps.
However, as MetaMask lead developer Dan Finley recently wrote, the problem is that Google is not making enough effort to limit phishing ads that lead to such fake extensions.
According to him, the number of fake MetaMasks extensions is growing, and all of them are likely to successfully pass through the manual security verification process.
Recall that in March, Twitter users discovered a fake extension for Google Chrome that steals passphrases for password recovery. With its help, hackers managed to steal more than 1.4 million XRP coins.