A malicious Chrome extension could swap your crypto address with an attacker’s address
The suspicious Google Chrome web extension was found by the security team at cryptocurrency exchange KuCoin.
Cryptocurrency criminals are always looking for new ways to steal from their unsuspecting victims, and there’s now another trick of which users need to be aware. The security team at exchange KuCoin has found a malicious Google Chrome web extension, which could replace a user’s withdrawal address with an attacker’s address.
📬
Subscribe to Crypto Africa and receive updates about the latest crypto developments in Africa. Subscribe Now
Reference information
- The extension’s name is “Google Sheets,” according to KuCoin. The exchange did not provide a link to the extension.
- The exchange posted the following tweet via its official Twitter account on August 24.
The #KuCoin security team has noticed a malicious Chrome web extension called Google Sheets which may replace your withdrawal address with the attacker's address when you try to make a transaction.
— KUCOIN (@kucoincom) August 24, 2022
Please don't download any suspicious extensions, or click any suspicious links.⚠️
Meanwhile
- Security continues to be one of the cryptocurrency industry’s Achilles heels, with hacks, scams and other crypto crimes still resulting in billions of dollars of stolen wealth.
- Blockchain analytics company Chainalysis recently published a report which found that revenue from cryptocurrency scams and hacks from Jan. to July 2022 have totaled about $3.5 billion.
- The only way to stop crypto scams and hacks is for the industry to shore up security and continuously educate users, the analytics firm wrote.
