Were you logged on blockchain.com wallet when you installed the add-on?
Yes.
Did you do all the security steps in blockchain.com wallet? Did you use 2fa, for example?
Did not use 2FA.
Topic: Someone hacked into our Blockchain.com wallet - page 2. (Read 655 times)
Were you logged on blockchain.com wallet when you installed the add-on?
Yes.
Did you do all the security steps in blockchain.com wallet? Did you use 2fa, for example?
Did not use 2FA.
Well, first thing change your browser to a more reliable one, such as Firefox.
Were you logged on blockchain.com wallet when you installed the add-on?
Did you do all the security steps in blockchain.com wallet? Did you use 2fa, for example?
Often people don't follow basic security steps which are recommend by the services...maybe a 2fa could have avoided this.
Answering yohr questions:
1- blockchain.com wallet is not the safest, however its not a scam, and it is a nice initiative for newbies. It is easy to use and if you all follow all recommended security steps, you are *somehow* safe, but you should never use it for high amounts.
The add-on probably installed some kind of malware and , if you were already logged, easy to get...or if you had no 2fa and password was saved in browser?
2-i would definitely format it. Additionally, I would buy a ledger nano from the official retailer. https://www.ledger.com
3 -i am not familiar, but ledger nano allows you to use it safely in any infected computer.
Were you logged on blockchain.com wallet when you installed the add-on?
Did you do all the security steps in blockchain.com wallet? Did you use 2fa, for example?
Often people don't follow basic security steps which are recommend by the services...maybe a 2fa could have avoided this.
Answering yohr questions:
1- blockchain.com wallet is not the safest, however its not a scam, and it is a nice initiative for newbies. It is easy to use and if you all follow all recommended security steps, you are *somehow* safe, but you should never use it for high amounts.
The add-on probably installed some kind of malware and , if you were already logged, easy to get...or if you had no 2fa and password was saved in browser?
2-i would definitely format it. Additionally, I would buy a ledger nano from the official retailer. https://www.ledger.com
3 -i am not familiar, but ledger nano allows you to use it safely in any infected computer.
1. Chrome addons allow access to a lot of things. I'm assuming it asks you by giving you a menu of permissions as to what the site is allowed to access. I think you should format chrome (if they use user profiles, just delete that and start afresh). Maybe be clever and don't give him access to your wallet if he can't browse the internet without damaging your companies reputation/finances.
2. I don't think chrome addons have access to anything but google chrome and stuff that's put on it (switching out chrome for a better browser such as firefox is also what I'd suggest
).
You ought to go here and log exactly what happened to them: https://chrome.google.com/webstore/report/joofmeiidadomccpmeaoagdogmbifhlh
Also give them a 1 star review and explain what happened, at the moment others are still at risk and you have a responsibility to inform them.
EDIT: blockchain.com isn't as secure as a wallet on your computers either (such as an encrypted electrum wallet).
2. I don't think chrome addons have access to anything but google chrome and stuff that's put on it (switching out chrome for a better browser such as firefox is also what I'd suggest
). You ought to go here and log exactly what happened to them: https://chrome.google.com/webstore/report/joofmeiidadomccpmeaoagdogmbifhlh
Also give them a 1 star review and explain what happened, at the moment others are still at risk and you have a responsibility to inform them.
EDIT: blockchain.com isn't as secure as a wallet on your computers either (such as an encrypted electrum wallet).
Someone posted here a scam (Crypton-Exchange.net), one of our admins was naive to try it, and the site told him to install an addon in order to withdraw the funds, naively he installed it and now we realized someone withdrew $2,300 from our Blockchain.com account (money that we intended to use to pay publishers, sadly is gone now).
The money was sent to 16EegrNMdZ9Rxku6Za5neEFjMW57wkQr1S
https://www.blockchain.com/btc/tx/0fe187e55c07772d47d1c588c80195f5977aa139d814feb39bdab968253c8f60
The addon was:
https://chrome.google.com/webstore/detail/cr-cash-plugin/joofmeiidadomccpmeaoagdogmbifhlh/related
From CryptoDraw.org
Few questions:
1) How did the Chrome addon allowed someone to withdraw funds from Blockchain.com? Isn't Blockchain.com safe?
2) Does this admin of ours need to format his laptop and change all passwords? He did remove that Chrome extension from his laptop.
3) Is anyone familiar with these types of scams? Can you provide more info about this Google Chrome extension etc.?
The money was sent to 16EegrNMdZ9Rxku6Za5neEFjMW57wkQr1S
https://www.blockchain.com/btc/tx/0fe187e55c07772d47d1c588c80195f5977aa139d814feb39bdab968253c8f60
The addon was:
https://chrome.google.com/webstore/detail/cr-cash-plugin/joofmeiidadomccpmeaoagdogmbifhlh/related
From CryptoDraw.org
Few questions:
1) How did the Chrome addon allowed someone to withdraw funds from Blockchain.com? Isn't Blockchain.com safe?
2) Does this admin of ours need to format his laptop and change all passwords? He did remove that Chrome extension from his laptop.
3) Is anyone familiar with these types of scams? Can you provide more info about this Google Chrome extension etc.?
Jump to: