Latin America has been hit by cyberattacks using malicious Google Chrome extensions. Attackers targeted financial institutions, booking sites, and instant messaging. Malware used in this attacks was dubbed Predasus. Predasus Malware Targets Chromium-based Browsers in Latin America Threat analysts have discovered a new malware called “Predasus”. Attackers use this malware to insert harmful code through… Continue reading Predasus Malware Attacks Latin America Through Browser Plugins
Tag: Chrome extension
Researcher discovered that Chrome Sync function can be used to steal data
Croatian researcher Bojan Zdrnja discovered a malicious Chrome extension abusing Chrome Sync. If you do not use Chrome, let me remind you that this function is applied to synchronize data between different user’s devices, and stores copies of all user bookmarks, browsing history, passwords, as well as browser settings and browser extensions on Google cloud… Continue reading Researcher discovered that Chrome Sync function can be used to steal data
Malicious Ledger Live extension for Chrome steals Ledger wallet data
Harry Denley, Director of Security in MyCrypto discovered the malicious Ledger Live extension for Chrome, which is actively advertised on Google and stealing Ledger wallet data. It masks itself as a real Ledger Live tool intended for users of Ledger hardware wallets and their mobile or desktop devices. “Extension has no browser permissions. It only… Continue reading Malicious Ledger Live extension for Chrome steals Ledger wallet data
Shitcoin Wallet for Google Chrome steals cryptocurrency passwords and keys
One of the extensions for Google Chrome, Shitcoin Wallet injects a special JavaScript code into web pages. Using this code, attackers steal passwords and private keys from cryptocurrency wallets and services. The first problematic addon appeared on December 9th. The extension received the identifier ckkgmccefffnbbalkmbbgebbojjogffn. Shitcoin Wallet developers claim that the extension allows users to… Continue reading Shitcoin Wallet for Google Chrome steals cryptocurrency passwords and keys