As per the CASA CEO, Jereme Welch, a new chrome extension has been posing continuous threats to cryptocurrencies like Bitcoins. At an event held at the Baltic Honeybadger, Welch warned the audience about the new phishing scam that can help scammers steal cryptocurrencies right away. He added, “Browser extensions impose major risks, and these risks have not been discussed until this point,” clarifying that this is a new threat from the scammers. He also warned the users not to reveal their Bitcoin addresses anywhere.
The scammers use chrome extensions for stealing crypto by looking at browsing history of the user. Through the browsing history, anyone can bring out the users’ online habits and that includes the crypto websites that users visit quite often. Another way that the extension leaks the data to the scammers is by capturing the KYC information of the users and then passing those on to the scammers. All these happened without even getting an iota of doubt. He might be experiencing a nice background but least he knows that the browser is dumping his data. When all these fell short, spammers adhered to use a chrome extension to default users. They used a nice-looking chrome extension which also looked like an essential tool, wherein the users can check the price of the cryptocurrencies. Just as they log in with their crypto details, the spammers start capturing all the necessary data that can facilitate into the smooth stealing of all your crypto-related data.
The spammers broke into the DNS server of the wallet provider’s website, replaced their genuine address, redirected it to a phishing website, and then started stealing all their data. Another technique that the spammer use is by spreading fake token sale across the social media platforms to attract the users’ attentions. This directs the users to log into a legitimate-looking site, thereby, exposing all their details in the hands of the spammers. The malware starts stealing the users’ details like the photo on his driver’s license and then decoding the data in it by using some other software.
There is no specific solution to these as such and Welch said that the safety of the users lies in the hands of the developers. They can only make the users’ web experience safer and smoother. However, CASA is planning to undergo more security researches and encouraging the Bitcoin entrepreneurs and developers to report to them about any such mishaps.