Reserved IP Address°C
01-23-2025
BSV
$50.95
Vol 27.42m
-2.82%
BTC
$102586
Vol 61580.62m
-2.4%
BCH
$430.72
Vol 179.6m
-3.43%
LTC
$113.38
Vol 624.26m
-2.38%
DOGE
$0.35
Vol 2790.24m
-3.15%
Getting your Trinity Audio player ready...

A cryptocurrency malware targeting Blockchain.com and MyEtherWallet users was downloaded over 200 times before Google deleted it. The malware presented itself as a tool to prevent the users from cryptojacking malware.

The malware, which disguised itself as a harmless Google Chrome browser extension, was discovered by Harry Denley, a security researcher behind the crypto security database, EtherscamDB.

Some 230 Chrome users had already downloaded the extension before Google took it down. On the Chrome Web Store, the extension went by the name NoCoin – Block Coin Miners.

“From the start, it looked like it did what it should — it was detected various CryptoJacking scripts (CoinHive, MinerAlt, WebminerPool) and there was a nice UI to let me know it was doing its job,” Henley wrote.

The extension required its users to input their public addresses so as to participate in the fake Huobi airdrop. For those who did, it redirected them to a fake Huobi Global site. This site prompted the users to input their private addresses. As soon as they did, the hackers would gain access to their crypto wallets and drain them immediately.

Henley further advised crypto owners to be on the lookout as such phishing scams have become worryingly common. For one, you should never “install a browser extension that has the ability to modify the DOM that you/trusted source has not audited,” he wrote. 

You also shouldn’t “blindly trust legitimate looking warnings to get you to install software.” Hackers take advantage of most people’s unwavering trust in any program that seems to be protecting them.

And lastly, you should “never enter your secrets online — always use an offline signing mechanism,” he concluded. Offline signing mechanisms such as Trezor and Ledger ensure that you have that one more layer of protection should hackers decide to target you.

Malware targeting cryptocurrencies have become quite common as cryptos increase in popularity. It has also become very versatile to adapt to the efforts of the security experts who try to stop them. As we recently reported, one new malware named Razy was able to discover crypto addresses on various websites and replace them with the hackers’ addresses. For those who don’t double-check addresses before sending a transaction, they could end up playing right into the hackers’ hands.

Recommended for you

India to bolster AI adoption, upskilling under Microsoft deal
India is powering up its artificial intelligence ambitions by sealing a billion-dollar deal with Microsoft which includes the establishment of...
January 23, 2025
Maldives, Estonia ink MoU; Sigma Capital aids Web3 startups
Maldives partnered with Estonia, pledging to explore emerging technologies to improve public sector services. Elsewhere, Sigma Capital launches a $100M...
January 23, 2025
Advertisement
Advertisement
Advertisement