March 15, 2019

Google removes malware targeting.

The Google Chrome browser extension is tricking users into participating in a fake eidrope from a cryptocurrency exchanger. At the moment, Huobi has already more than 200 applications from victims, said a security researcher.
The extension for the Chrome web browser named NoCoin received 230 downloads before Google removed it. According to Harry Denley, who manages the EtherscamDB cryptocurrency fraudulent database.

Denly noted that hackers deliberately disguised a malicious extension to make it look like a tool that protects users from cryptocurrency malware or so-called cryptodocumentation.

“From the very beginning, it looked as if he did what he had to do — he found [sic] various CryptoJacking scripts [...], there was a nice interface that lets me know that he is doing his job,” he explained in his blog. .

However, it later became apparent that the extension was asking for the input of private keys from the popular wallet interfaces MyEtherWallet (MEW) and Then the private keys are sent to hackers who can empty their wallets.

The extension was proposed at the end of a fake advertising campaign, allegedly from the crypto exchanger Huobi, which offered useless tokens based on the ERC20 Ethereum network to unwitting consumers.

It is not known how long the extension has remained available for Google Chrome users.

To the extent that bad players targeting cryptocurrency users are looking for increasingly vile methods of cheating newbies in transferring access to funds. Literally this week, in a report, cryptojacking was noted as one of the most popular ways of cheating.

Google itself in the past has been sharply criticized for the apparent absence of any efforts, when in February it gave the opportunity to download a fake version of the popular decentralized MetaMask application from its Play store.