Google has pulled 49 browser extensions from its Chrome Web Store that posed as legitimate cryptocurrency wallets but contained malicious code that sent users' private keys to a Russia-based hacker. ZDNet first reported on the incident and says the thefts of at least three people's cryptocurrency has been linked back to the extensions.
The malicious extensions not only affected Chrome, but also Microsoft's Edge browser, which is built on Chromium and supports the installation of extensions designed for Chrome.
The extensions in question imitated the name and design of legitimate wallet apps including MyEtherWallet and Ledger. They even functioned almost identically to the real apps, letting users log-in and access their private stashes of cryptocurrency. But as soon as a user typed their wallet credentials into one of these extensions, the information was sent to the hacker's own server or a Google Form.
The risk of crypto — Google thankfully responded by pulling the extensions as soon as it was alerted, but the situation highlights the risk involved in parking your money in cryptocurrencies like Bitcoin and Ether. Any money that victims have lost as a consequence is essentially gone forever because by design cryptocurrency transactions cannot be reversed.
Some believe this is a good feature because people cannot buy something from you only to issue a chargeback, but understandably it can also result in heartbreak if you get duped into using a fake wallet as has occurred here. In this way you can think of crypto like a wad of cash under your mattress. You lose it and it's gone. The incentive is so high for hackers because it's trivial to get away with a crypto theft. Digital currency wallets aren't insured and you can't just call your card company to report fraud.
It seems like Google could do more to police cryptocurrency wallet extensions considering the significant risk. Right now it's up to outside watchdogs like CryptoScamDB, where people can report Chrome wallet extensions they believe might be fraudulent. Researchers use that site to hunt down bad extensions and report them to Google.
Let this serve as a reminder to be careful whenever you type in your wallet credentials somewhere.