Two malicious Google Chrome extensions have reportedly drained $800,000 from a cryptocurrency investor named “Sell When Over” on the X platform.
The user suspects that the extensions, named “Sync test BETA (colorful)” and “Simple Game,” contained keyloggers targeting wallet extension apps. Keyloggers record keystrokes, enabling attackers to access confidential information.
The issue arose after a recent Chrome update, which logged the user out of their extensions and tabs. Following a restart due to a Windows update, the user re-entered credentials, including seed phrases for cryptocurrency wallets, potentially compromising their data.
The malicious extensions sent funds to exchanges MEXC and Gate.io. Investigation revealed that “Sync test BETA (colorful)” was a keylogger sending data to an external PHP script, while “Simple Game” monitored tab activity.
The browser showed no visible issues, and the user only discovered the extensions later. This incident underscores the ongoing threat of malicious Chrome extensions in the cryptocurrency sector.
In related news, cybersecurity experts warn of similar attacks using malware like Rilide to steal crypto funds via rogue Chrome extensions, highlighting the need for heightened security measures.