Technology

Some malicious Google Chrome extensions are stealing credentials and mining cryptos

Crypto jacking is already on the rise and the new report says that popular browser of tech giant Google, Chrome has also fallen victim to some malicious extensions. The team at Radware say they have found a number of malicious Chrome extensions that were all available and hosted on the official Chrome Store. The report says that for over two months seven extensions stole credentials and installed currency miners.

This malware campaign appears to have attacked users by performing credential theft, crypto mining and click fraud.
Speaking on a blog post the security firm said: “Further investigation by Radware’s Threat Research group has revealed that this group has been active since at least March of 2018 and has already infected more than 100,000 users in over 100 countries.”

Radware has dubbed the malware “Nigelthorn” since the original Nigelify application replaces pictures to “Nigel Thornberry” and is responsible for a large portion of the observed infections.

A Google spokeswoman said company employees removed the extensions from the Chrome Web Store and infected users’ browsers within hours of receiving the report.

The seven extensions that Google removed after finding malicious activity. Their names were:

  1. Nigelify
  2. PwnerLike
  3. Alt-j
  4. Fix-case
  5. Divinity 2 Original Sin: Wiki Skill Popup
  6. Keeprivate
  7. iHabno

The main issue here is that the majority of users can’t verify if a Chrome extension is legitimate or not as it requires analyzing its code. This leaves running Chrome without unfamiliar extensions as the only option to stay safe.

Sponsored
Sajeel Syed

I am a writer at TechJuice, overseeing IT, Telecom, Cryptocurrency, and other tech-related features here. When I'm not working, I spend some of my time with good old Xbox 360 and the rest in social activism. Follow me on Twitter: https://twitter.com/sajeelshamsi

Share
Published by
Sajeel Syed

Recent Posts

First AI-Powered Teacher Launched in Pakistan’s Private School

Karachi: A private school in Karachi has unveiled Pakistan’s first AI-powered teacher, a groundbreaking move…

8 mins ago

Yahoo Surprises Users with Its Latest Android Launcher

Third-party apps have long been a staple of the Android ecosystem, but their appeal has…

1 hour ago

Phase-II Review of PTCL-Telenor Deal Finalized by CCP

ISLAMABAD: The Competition Commission of Pakistan (CCP) has completed its Phase-II review of Pakistan Telecommunication…

2 hours ago

Xiaomi’s SU7 Achieves New Production Record, Driving Q3 Growth

Xiaomi has shattered records by producing 100,000 vehicles in just 230 days. This is nearly…

3 hours ago

Teachers Can Now Access OpenAI’s Free AI Course

OpenAI, in collaboration with nonprofit organization Common Sense Media, announced on Wednesday the launch of…

4 hours ago

WhatsApp-Inspired Updates Under Testing in Google Messages

Google is exploring a revamped image-sharing interface in its Messages app, taking cues from WhatsApp…

4 hours ago