A Chrome browser extension tricking users into participating in a fake airdrop from claimed over 200 victims, a security researcher reported in a on March 14.
The extension for Chrome web browser, with the name NoCoin, gained 230 downloads before Google deleted it, according to Harry Denley, who runs scam database EtherscamDB.
Denley noted that hackers had purposely disguised the malicious extension to look like a tool protecting users from or so-called .
“From the start, it looked like it did what it should — it was detected [sic] various CryptoJacking scripts […] and there was a nice UI to let me know it was doing its job,” he explained in the blog post.
Behind the facade, however, it became apparent the extension requests the input of from popular interfaces MyEtherWallet (MEW) and . Private keys are then sent to hackers, who can empty wallets of holdings.
The extension lay at the end of a fake giveaway campaign, ostensibly from crypto exchange Huobi, which offered worthless network-based to unwitting consumers.
It is unknown how long the extension remained available for Google Chrome users.
As Cointelegraph continues to report, bad actors targeting users have sought increasingly nefarious methods of tricking novices into handing over access to funds. Just this week, a report cryptojacking as a sign of increasingly discreet behavior among hackers.
Google itself has come under fire for its own apparent lack of diligence in the past, in February a fake version of popular MetaMask from its Play .
As Cointelegraph last month, users of wallets Electrum and MEW were also facing phishing attacks, according to posts published on and .
Published at Fri, 15 Mar 2019 14:08:10 +0000