Despite Google best effort, every now and then, there emerge hackers brilliant enough to find ways around the defenses the company has set for its Chrome Web Store and Play Store.
Security researcher Harry Denley has exposed a sneaky Chrome extension – NoCoin – that masks itself as an app for blocking crypto jacking. The app looks like the popular crypto-jacking blocker MinerBlock. So if you have already installed the extension, don’t beat yourself too much; they also dupped Google.
How hackers got you to download NoCoin
The hackers behind this crypto-stealing Chrome extension are smart. You can see that in the way the built a fake ERC20 token and named it Huobi; the popular cryptocurrency exchange desk. Winning over owners of cryptocurrencies familiar with the name.
Once you install the extension, it then began an elaborate ploy for stealing your wallet’s private keys. The ERC20 token was distributed by a website claiming to be an airdrop platform and invited visitors to install the malicious app.
Upon installing the extension, this fake crypto jacking blocker started targetting users of wallet solutions Blockchain.com and MyEtherWallet. According to Denley, …read more