Web3 Extension Malware | Bitcointalksearch.org

albon

legendary

Activity: 1680

Merit: 1343

Quote from: zasad@ on August 25, 2022, 02:44:56 PM

https://twitter.com/kucoincom/status/1562301841529978883
"The #KuCoin security team has noticed a malicious Chrome web extension called Google Sheets which may replace your withdrawal address with the attacker's address when you try to make a transaction.
Please don't download any suspicious extensions, or click any suspicious links.⚠️"

Thank you for sharing this, there are many malicious extensions on Chrome browser and Firefox. Most of these extensions are not the original extension for the wallet or the exchange, but rather a fake extension with the same name, so everyone should be careful, the simple solution is to put important sites and their extensions in the bookmark and avoid Trust any messages that come on the mail because most of these messages contain links to fake sites.

zasad@

legendary

Activity: 1736

Merit: 4270

https://twitter.com/kucoincom/status/1562301841529978883
"The #KuCoin security team has noticed a malicious Chrome web extension called Google Sheets which may replace your withdrawal address with the attacker's address when you try to make a transaction.
Please don't download any suspicious extensions, or click any suspicious links.⚠️"

robelneo

legendary

Activity: 3192

Merit: 1198

Bons.io Telegram Casino

Quote from: Charles-Tim on August 21, 2022, 08:04:20 AM

Quote from: OcTradism on August 21, 2022, 07:44:20 AM

I always try to limit the applications I install on my PC, laptop and mobile devices. The more softwares, applications, extensions I install on my devices, the more risk I will have. Prevention is better than cure and installation reduction is prevention.

That is how it suppose to be, to avoid malware, by visiting just official websites. But we should also remember there are other things to do to avoid malware, especially by avoiding ads and torrent files.

The most harmful ones are the ones coming from porn sites even if you have a premium anti-virus and malware fighter there's a possibility that few of them can get in, I have a friend who thinks that these anti-virus and malware remover can intercept all these pop-ups and force to download items, but there are a few pop-ups and call to action ads that get in bypassing your anti-virus, no problem watching porn occasionally but be sure to only browse safe porn sites, some small porn sites make money from files you download to your machine without you aware that it's already downloaded.

JollyGood

legendary

Activity: 2506

Merit: 1710

Top Crypto Casino

As far as I know, when adding a chrome extension in most if not all cases you are effectively giving permission several things you would normally never even consider doing such as (depending on what extension you install and for what purpose) allowing access to your data for all the browsing you have done and to read and modify your privacy settings as well as control your browser proxy settings.

When adding any extension you really have to be very careful because you have no idea if it is a front for a fake service created in order to access/steal your data.

Phu Juck

member

Activity: 89

Merit: 27

Wow, your warning is very important.
Hackers are always going to abuse bad code, take advantage from it and steal ppl's coins.

Polkadot really needs to solve such issues or it will result in ppl losing Polkadot coins and tokens build on Polkadot supported by web3.

Infections can easily happen and we should be aware to store our coins mostly offline, not in hot wallets and foreign party manufacturers.
Internet and digital space are still very insecure and experienced hackers will exploit flawed code.
It's a very big risk.

StormHawk

member

Activity: 219

Merit: 12

I've always hated chrome extensions, they aren't safe no matter what you preach to me, this is why I don't use metamask on PC until they build a mobile version year back, in fact anything related to crypto apart from crypto mining must stay off your PC especially if you browse the internet with the PC.

cheezcarls

hero member

Activity: 2254

Merit: 658

Revolutionized copy gaming platform

We just have to be very extra careful in installing these extensions, plugins, etc. If we do not do our due diligence, we will likely become easy victims of the scammer.

A few months ago, I was stupid enough not to doing my due diligence believing that everything was real until a few hours later I see my wallets getting drained for a grand total of $12k+. It might not be big to you guys, but it is for me as a 3rd world country guy.

And also when it comes to emails, I usually do not really believe in them as I definitely go to the official website and social media channels to make sure if its really from them or not.

Saint-loup

legendary

Activity: 2590

Merit: 2348

Quote from: zasad@ on August 21, 2022, 05:47:59 AM

https://twitter.com/wallet_guard/status/1561046182645751810?
"There is a new scam going around that leverages a chrome extension to intercept and modify your exchange deposit address & withdrawal requests. This means that even if you double check your addresses, you can still become a victim 1/🧵"

https://medium.com/@walletguardofficial/web3-extension-malware-google-sheets-ac6d9fb6658d
Web3 Extension Malware — ‘Google Sheets’

Thank you to have posted that in the beginners section. It reminds us to always being very careful with extensions, plugins, add-ons, patchs and anything modifying the initial code of a software. I try to avoid them the more I can because I don't even totally trust the official branded stores of softwares I use to deal with cryptos.

OcTradism

hero member

Activity: 1722

Merit: 801

Quote from: Charles-Tim on August 21, 2022, 08:04:20 AM

That is how it suppose to be, to avoid malware, by visiting just official websites. But we should also remember there are other things to do to avoid malware, especially by avoiding ads and torrent files.

Unfortunately, there are so many traps from scammers and newbies are easily and naively to be caught by scammers. Even not newbies still can be caught if they are careless at some points.

It is like in cryptocurrency, I learned an important thing. Don't trust, verify and double check. Even you receive email that looks to be legit, you must go to an exchange and double check for latest announcements, news from their official site. If there is nothing relates to the email you receive, be careful it can be punny code, homograph attacks.

DMs from strangers, simply ignore, block and report them as scammers.

Charles-Tim

legendary

Activity: 1512

Merit: 4795

Quote from: OcTradism on August 21, 2022, 07:44:20 AM

I always try to limit the applications I install on my PC, laptop and mobile devices. The more softwares, applications, extensions I install on my devices, the more risk I will have. Prevention is better than cure and installation reduction is prevention.

That is how it suppose to be, to avoid malware, by visiting just official websites. But we should also remember there are other things to do to avoid malware, especially by avoiding ads and torrent files.

OcTradism

hero member

Activity: 1722

Merit: 801

I always try to limit the applications I install on my PC, laptop and mobile devices. The more softwares, applications, extensions I install on my devices, the more risk I will have. Prevention is better than cure and installation reduction is prevention.

If I install anything, I will get it from official sources. Officially visit websites & download apps, not fake ones.

I don't install anything because I am curious of something new. Sometimes you will receive emails from senders that look to be legit but they are not.

Punycode and how to protect yourself from Homograph Phishing attacks?

Jawhead999

legendary

Activity: 1638

Merit: 1156

This discussion has been created before Fake Google Sheets Extension - Scammed | New Update!

This is the reason why anyone should pay attention when installing an extension and if it's not that important, you shouldn't need to install.

Anyway someone on the tweet have pointed out how to check if the extension is genuine and not the fake one.

Quote from: https://twitter.com/0xQuit/status/1561048553350320128

If you want to check that you're not affected - check the source of your extensions. On Chrome:

Manage extensions -> click "details" for the extension you'd like to check -> ensure that the "Source" is "Chrome Web Store"

zasad@

legendary

Activity: 1736

Merit: 4270

https://twitter.com/wallet_guard/status/1561046182645751810?
"There is a new scam going around that leverages a chrome extension to intercept and modify your exchange deposit address & withdrawal requests. This means that even if you double check your addresses, you can still become a victim 1/🧵"

https://medium.com/@walletguardofficial/web3-extension-malware-google-sheets-ac6d9fb6658d
Web3 Extension Malware — ‘Google Sheets’

Topic: Web3 Extension Malware (Read 185 times)